This issue has been compounded in recent months due to the impact of COVID-19 on IT and security spending. Research by Gartner suggests that worldwide expenditure on information security and risk management technology and services is due to increase by only 2.4% in 2020 – significantly less than the 8.7% growth originally anticipated. To be effective, cyber security requires not only technology but the skilled security experts and threat intelligence to leverage it.

This blog from senior security consultant Jed Kafetz runs through the key information Redscan requires to scope, plan and price a web application penetration test to ensure it delivers the best outcomes and value for money. When reaching out to us for a quotation, providing the most complete and accurate information possible will not only guarantee a quick turnaround time, but will also ensure that we are not under or over scoping the engagement.

Indeed, with millions of employees now working from remote locations and new services being rolled out to support them, the traditional security perimeter has vanished before our eyes. This has created a significant challenge for the security teams tasked with defending their organisations against threats – a challenge made even harder when the tactics and techniques of cybercriminals are constantly evolving.

The sharp increase in online shopping since the start of the COVID-19 outbreak has led to a significant rise in cyber-attacks on ecommerce websites and apps, making it imperative for retailers to stay alert to the latest risks.

The diverse and fast-changing nature of the Managed Detection and Response (MDR) market makes the process even more difficult. A new report, MDR Market Guide: reducing the costs and risks of cybersecurity investments, from independent technology research and analyst house, Bloor, outlines the key features to consider when selecting an MDR provider.

In many cases, penetration testing – a type of ethical hacking engagement designed to identify and address security vulnerabilities in networks, systems and applications – is required. Sometimes this requirement is specified directly, while in other cases it is implied by a need to build audit or assessment processes to mitigate cyber risk. This blog identifies some of the most common pen testing standards and regulations and provides guidance about the type of testing required.

Chosen from a final shortlist of five companies, ThreatDetect was selected for service excellence and, in the words of the judges, for helping organisations ‘to reduce mean time to detect and respond to threats from months to minutes’. “We are delighted to have been recognised in the SC Awards for four consecutive years.” said Redscan’s Product Marketing Director, Simon Monahan.

During the COVID-19 pandemic, more employees have been working from home than ever before. This situation has significantly increased cyber security risks for organisations, with many lacking sufficient controls to protect workers outside of the office – something criminals are taking advantage of by targeting unsecured endpoints with increasing regularity.

If, like many organisations, your business has been forced to support mass employee remote working, it’s likely that you’ve also had to roll out new services and applications to maintain business continuity and productivity. Understandably, cyber security may not have been front of mind during this process.

At Redscan, we’ve set about shining light on some of these challenges by analysing how the crisis has affected online search behaviour in relation to cyber security and technology. The findings provide insight into how well-prepared businesses were for such an incident, the tools organisations are turning to support operations, and potential threats they are facing.