Gabrielle is a security engineer. She deploys tools to scan for threats and vulnerabilities, read logs, and manage the security risks for her company, but is all that data really helping? Sometimes, it seems like she works in a noise factory instead of a SOC. The cacophony of all the log and event data and vulnerability scans are pouring into the SIEM, and it’s Gabrielle’s job to listen to the symphony of data and find the out-of-tune notes.

The National Cyber Security Centre (NCSC) describes this update, version 3.1, as a ‘lighter touch’ update than the previous iteration in 2022, but it still contains some important updates and clarifications. In this blog post, we provide a brief overview of some of the changes. Cyber Essentials is an initiative created with the aim of increasing awareness of cyber security issues and enabling companies to address common types of cyber threats.

Experts from around the globe gathered at the RSA Conference 2023 in San Francisco, and shared what they are predicting to be the 5 most dangerous cyber security threats impacting organisations today. The panel consisted of four respected SANS analyst experts, invited to explore the latest Tactics, Techniques and Procedures (TTP’s) of modern adversaries, and empower organisations with the correct detection and defence advice.

The Artificial intelligence (AI) based language model, ChatGPT, has gained a lot of attention recently, and rightfully so. It is arguably the most widely popular technical innovation since the introduction of the now ubiquitous smart speakers in our homes that enable us to call out a question and receive an instant answer. But what is it, and why is it relevant to cyber security and data protection?

Co-authored by David Willis and Gary Jenkins As we wrote in an earlier blog, the concept of cybersecurity risk continues to be codified, qualified, and, finally, quantified. With the rise of RESTful API endpoint support and near-real time telemetry sharing, companies can seize the opportunity to automate the IT/security stack’s response to risky users (in addition to devices, data, and applications—to be covered in future blogs).

Cyber risk governance (also called cyber risk governance or governance, risk, and compliance — GRC) and cyber risk management are often used interchangeably, but they are actually very different parts of the way an organization achieves data protection. While cybersecurity risk management focuses on implementing cybersecurity controls, cyber risk governance is more concerned with the strategy behind that implementation.

PharMerica is a huge service provider that works with many of the pharmacies and medical facilities in the United States today. The company offers its services to more than 2,500 facilities and over 3,100 pharmacies, and providing the data services to all those companies requires storing massive amounts of HIPAA-protected information. Unfortunately, this pharmaceutical services giant suffered a recent data breach compromising data for millions of different patients.

As businesses continue to evolve, automation has become an essential aspect of modern operations. The benefits of automation are numerous, ranging from reducing operational costs to increasing security, efficiency, and accuracy. However, with so many automation solutions available on the market, it can be challenging to select the right one for your business.

As technology progresses and mobile devices become ubiquitous, a remarkably large number of people worldwide are now using smartphones. In fact, current estimates show that 6.8 billion users rely on their phones for an array of activities; but most significantly – 88% is dedicated to app usage! While the above stats show that the mobile app industry is thriving, it's also a matter of concern. Why?