Bulletproof

Hertfordshire, United Kingdom
2016
By Ayisha Bari
If you’ve heard of ransomware attacks in the news, you’ll know they can result in big losses for big businesses. But the fact is that organisations of any size can fall victim to an attack, and often the smaller your business is, the more severe the impact.
By Dominic Mortimer
During my time delivering red team engagements over the last few years, I've had the luxury of working with organisations who’re just starting out with their red teaming approaches, all the way up to battling hardened and heavily monitored networks. In this experience, I’ve found that one of the key areas that makes or breaks a successful operation is the scoping, sizing and planning of an engagement. It can often be daunting to explore more threat-led and realistic testing approaches.
By Jason McNicholas
Malicious actors are always coming up with new and innovative ways to steal your money and information. This means it’s all the more important to be aware of these new attacks as they appear and know how to spot and respond to them. In this article I’ll be bringing attention to a new attack that has become increasingly common in recent months. That attack is called ‘Quishing’, and it is a specific new variant of the much broader attack known as phishing.
By Eze Adighibe
SOC 2 is an information security standard created by the American Institute of Chartered Public Accountants (AICPA), as a way to provide assurance of an organisation’s management of data. SOC 2 compliance provides a framework to assess against five Trust Service Criteria (TSCs) – but more on those later. There are two types of SOC 2 compliance: Type I and Type II.
By Oliver Pinson-Roxburgh
Bulletproof Co-founder & CEO, Oliver Pinson-Roxburgh, talks us through how hackers hide, the perceived threat from nation states, and what that means for your business.
By Jemma Aldridge
It’s not surprising that adoption of Cyber Essentials certification is growing steadily year on year. It’s a valuable certification to have, not least of all for the many commercial opportunities it presents. But as a Cyber Essentials Assessor, one thing I see repeatedly is that poor network boundary implementation makes reaching certification harder than it has to be – especially for smaller organisations. That’s what I’m going to be looking at in this blog.
By Nicky Whiting
Implementing ISO 27001, the international standard for information security management, is a complex process that requires expertise, experience and careful planning. This blog explores why using a consultant for ISO 27001 implementation is crucial to not just ensure certification, but also (and perhaps more importantly), to build an information security management system that is tailored to your business and its objectives. To make sure your certification is actually working for you.
By Richard Bradley
US data transfers... are they allowed? Well. Yes. It depends... it’s complicated. Let’s get stuck in and I’ll explain all. In July this year, the EU Commission made an adequacy decision for the new EU-US Data Privacy Framework (DPF). This can be seen as Safe Harbor 3.0. Essentially, in most scenarios, data transfers from the EU to the US are now permitted without the need for other mechanisms such as Standard Contractual Clauses (SCCs).
By Chay Donohoe
This is a Bulletproof Tech Talk article: original research from our penetration testing team covering issues, news, and tech that interests them. It’s more technical and in-depth than our usual blog content, but no less interesting. Some readers may remember an article published by Bloomberg entitled "The Big Hack: How China used a Tiny Chip to Infiltrate U.S. Companies".
By Nicky Whiting
Data protection officers (DPOs) are often seen as secret weapons in an organisation’s operations arsenal. When done right, they can quickly and effectively make the headache of managing your data protection obligations go away – leaving you free to focus on running your business. But how do you know how much DPO time you need? And why? That’s what I’m looking at in this blog.
By Bulletproof
Confused about PCI compliance? Get a clear understanding of this much misunderstood standard with our Clarity On PCI Compliance white paper. This is the first in our 'Security First' series of white papers and provides an illustrated insight into the world of PCI DSS compliance. Inside we explain the requirements, dispel the myths and give you top tips for saving time and effort.
By Bulletproof
This Security First white paper will help businesses understand all aspects of penetration testing services, from planning and managing through to getting real value and benefit from the results. This whitepaper is not a guide for practitioners, but instead is aimed at people who need to procure, plan, and manage the lifecycle of a penetration testing project.
By Bulletproof
This white paper will provide you with a high-level understanding of GDPR's strategic aims and the challenges these present to UK businesses. In addition, we'll present helpful tips for interpreting, implementing and maintaining the new legislation and your approach to managing personal data.

We are your best defence from cyber threats. We are Bulletproof.

Here at Bulletproof, security's in our DNA. Our information and cyber security services are the best way to stay ahead of the hackers, take control of your infrastructure and protect your business-critical data.

Investing in the future by securing today: Employees are the lifeblood of a company, and we are no exception. We’re proud to say our staff are passionate and experienced in all areas of information security – and certified by the likes of CREST and Tigerscheme. We also have a world-class infrastructure, with two PCI v3.2 compliant data centres and powerful SIEM software that was designed in-house.

24/7 Security Operations Centre: One of the major factors in our success is our UK Security Operations Centre (SOC). This is an in-house facility, staffed every hour, day and night, by our cyber security gurus. The SOC acts as a command station for all our security operations and, in the case of our Managed SIEM and Threat Protection services, is always geared up to deploy full incident management procedures, according to pre-defined runbooks, within moments of a security event being detected.

Trained. Experienced. Certified. That’s Bulletproof.