Operating in Dynamic Security Environments

Social media is flooded with posts about the latest training course, software release, intelligence update, technology innovation, and more, to help companies manage their security risk, or for individual practitioners to develop professionally and advance their careers. It’s impossible to keep up, and even more challenging to navigate the noise when you actually need to find the solution that’s right for you, or your organisation. The global – and local Read more…

Ten Principles for Leading an Effective Security Operations Center

Leading Security Operations Centers (SOCs) typically adhere to the following principles: Proactive Threat Intelligence: Leading SOCs prioritize proactive threat intelligence gathering and analysis. They invest in tools, technologies, and resources to continuously monitor and analyze emerging threats, vulnerabilities, and attack techniques. By staying ahead of potential risks, they can develop effective mitigation strategies. Comprehensive Visibility: SOC leaders recognize the importance of comprehensive visibility across their network infrastructure, systems, and applications. Read more…

What is proactive risk intelligence and how can it impact an organization?

Proactive risk intelligence refers to the practice of identifying and assessing potential risks and threats to an organization’s objectives before they occur. It involves gathering information, analyzing data, and applying insights to anticipate and mitigate risks in a proactive manner. By adopting proactive risk intelligence, organizations can better prepare themselves for potential disruptions, make informed decisions, and enhance their overall risk management strategies. Here are some key aspects and benefits Read more…

Buyer beware: the risks of purchasing body armour from an online marketplace or second-hand

Buyers of ballistic protection must be cognizant of the safety and practicality of buying such items online or second-hand. Here’s what to look out for:  1. Trustworthy Vendors: The supply chain for body armour should be as solid as the armour itself. Many online marketplaces are populated by generic or unverified sellers, making it difficult to authenticate the source and the quality of the products. Bona fide retailers and manufacturers, Read more…

What are “Automated Asset Discovery Tools” and how do they work?

Thanks to digital transformation, organisations are connecting more and more Extended Internet of Things (XIoT) devices to their corporate networks. XIoT is a term that encompasses all cyber-physical systems, from operational technology (OT) and Industrial Control Systems (ICS) to Internet of Things (IoT) devices, Industrial IoTs, and Internet of Medical Things (IoMT). One sector that has seen rapid growth in the number of XIoT devices is Critical National Infrastructure (CNI). Read more…

How cyber-physical systems have given rise to potentially catastrophic security challenges for critical national infrastructure

Cyber-physical systems (CPS) refer to the integration of physical components with computer-based systems, resulting in a network of interconnected devices, sensors, and actuators. These systems are extensively used in critical national infrastructure, such as power grids, transportation systems, healthcare facilities, and industrial control systems. While CPS offer numerous benefits, they also introduce new security challenges, some of which can have potentially catastrophic consequences for critical infrastructure. Here are a few Read more…

What are the Characteristics of APT – Advanced Persistent Threat?

In the context of cybersecurity, APT stands for Advanced Persistent Threat. APT refers to a targeted and sophisticated cyber attack carried out by highly skilled and motivated threat actors, such as nation-states, organized criminal groups, or advanced hacking groups. Unlike typical cyber attacks that aim to exploit vulnerabilities opportunistically, APTs are characterized by their persistence, stealthiness, and long-term focus. APT actors employ a variety of techniques and strategies to gain Read more…

The Importance of Vetting Your Secure Transport Provider

Vetting your secure transport provider is crucial to ensuring the safety and reliability of transportation services. Here are some key reasons that supports the importance of vetting: Security Experience: Vetting allows you to assess the security knowledge of the transport provider. It enables you to evaluate their knowledge of security protocols, risk assessment, emergency response procedures, and defensive driving techniques. This ensures that the provider has the necessary skills and Read more…

What to include in Security Post Orders and Standard Operating Procedures

Security Post Orders and Standard Operating Procedures are of course critical to the smooth running of your guard force. Below is an example outline of what they might include. These can be adopted and adapted to suit the specific security environment in which your organization operates, after undertaking a thorough risk assessment. 1.  Introduction This document outlines the Security Post Order and Standard Operating Procedures (SPO/SOP). These procedures are designed Read more…

What are the principles and practices associated with “Secure by Design”?

With the increasing cyber threat that exists in the world, a new approach to combat it is essential. Teams must own the cyber security risk of their capabilities from concept to disposal and manage it effectively through the lifecycle of the capability. Secure by Design is an approach to cybersecurity that emphasizes building systems and software with security as a fundamental principle from the very beginning of the development process. Read more…