What to Consider in Security Assessments for Large Cultural Events

Cultural events such as music festivals can pose a significant security challenge. Several factors need to be considered to ensure the safety and well-being of attendees. Here are some key considerations: Threat Analysis: Assess potential threats specific to the event, such as terrorism, crowd-related incidents, theft, vandalism, and drug-related issues. Consider both external and internal threats. Venue Selection: Evaluate the suitability of the venue in terms of size, layout, accessibility, Read more…

It is Time to Invest in Digitally Enabled Resilience Programmes

Organisations are increasingly looking to technology as an enabler of their resilience programmes. Why? Because, by facilitating the aggregation of data across business continuity (BC), operational resilience (OpRes), crisis management, risk and third-party teams, technology can solve many of the pain points faced, whilst improving the quality of best practice and change programmes overall. Technology enablement of their programmes is becoming a key priority. Companies are starting to understand the Read more…

What is the Cyber Kill Chain and MITRE ATT&CK?

The cyber kill chain, also known as the Lockheed Martin Cyber Kill Chain, is a concept and framework used in the field of cybersecurity to describe the stages of a cyber attack. It provides a systematic approach to understanding and countering the various steps involved in a typical cyber attack. The concept was initially developed by Lockheed Martin in 2011. The cyber kill chain consists of several stages or steps Read more…

How to Conduct a Business Impact Analysis

Conducting a business impact analysis (BIA) is an important step in assessing the potential effects of disruptions on your business operations. It helps you identify critical processes, prioritize resources, and develop appropriate recovery strategies. Here’s a step-by-step guide to conducting a BIA: Define the scope: Determine the boundaries of your analysis. Identify the business units, departments, or processes that will be included in the assessment. Identify critical business objectives and Read more…

What are the components of proactive security intelligence?

Proactive security intelligence involves the proactive identification, analysis, and response to potential security threats and risks. The components of proactive security intelligence typically include: Threat Intelligence: Gathering information about potential threats, including cyber threats, physical threats, insider threats, and emerging risks. This involves monitoring various sources such as threat feeds, security vendors, industry reports, and open-source intelligence. Vulnerability Management: Identifying and assessing vulnerabilities within an organization’s systems, networks, and applications. Read more…

Strategic Resourcing for Dynamic Security Environments

Strategic resourcing typically oversees the management and allocation of resources within an organization in a strategic manner. The primary goal is to ensure that the right resources, such as personnel, finances, equipment, and materials, are available and effectively utilized to achieve the organization’s strategic objectives. Here are some key responsibilities associated with strategic resourcing: Resource Planning: The individual identifies the resource requirements based on the organization’s strategic goals and objectives. Read more…

What is the difference between Data Security and Cyber Security?

Data security and cybersecurity are related concepts but have different scopes and focus areas. Here’s a breakdown of the difference between the two: Data [or Information] Security: Data security refers to the protection of digital data from unauthorized access, use, disclosure, disruption, modification, or destruction. It focuses on safeguarding the confidentiality, integrity, and availability of data. Data security measures are designed to prevent data breaches, unauthorized data access, and data Read more…

How Can Enterprises Best Tackle Interconnected Risks?

Tackling interconnected risks in enterprises requires a comprehensive and proactive approach. Here are some strategies that can help enterprises effectively address interconnected risks: Risk Assessment and Identification: Begin by conducting a thorough risk assessment to identify and understand the interconnected risks that your enterprise faces. This involves evaluating internal and external factors, such as operational, financial, legal, regulatory, reputational, and technological risks. Integrated Risk Management Framework: Implement an integrated risk Read more…

10 Technologies Being Used to Keep the Public Safe

It takes a lot to keep the public safe. Here are some examples of technical applications: Surveillance Systems: Closed-circuit television (CCTV) cameras and other surveillance technologies are widely used to monitor public spaces, such as streets, parks, and transportation hubs. These systems help deter crime, provide evidence for investigations, and assist in emergency response. Such systems are moving into the skies in the form of drones. Emergency Communication Systems: Public safety Read more…

How an organisation should implement and manage an effective PCI DSS Program.

Implementing and managing an effective Payment Card Industry Data Security Standard (PCI DSS) program involves several key steps: 1. Understand PCI DSS Requirements: Familiarize yourself with the PCI DSS standards and requirements to ensure you have a clear understanding of what needs to be implemented and maintained. 2. Scope Definition: Identify the scope of your cardholder data environment (CDE) and determine which systems, networks, and processes are in scope for Read more…