We're back from a short break while we upgraded our studio equipment - have you missed us? Today we have a quick roundup of the latest news including notes on a recent interview with a hacker - who they target and why - and what we can take from this to protect our organisations.

In the second of our new series, Spotlight on Technology, we take a look at privileged access management with James Rees MD of Razorthorn cyber security consultancy, & David Higgins, EMEA Technical Director of CyberArk, leaders in identity security and access management. Accounts with privileged access are gold dust for malicious actors and gaining access to these, and the sensitive data these accounts have access to, can cause some huge and costly problems for the targeted organisation.

In this 25 minute video, we take a look at the state of cybercrime and security from a national and regulatory standpoint. We know that there are problems with our existing cyber security - whether that's within CNI and governments or organisations, large or small. The Colonial Pipeline hack is evidence enough.

We've talked about supply chain security before but it's a trend that doesn't appear to be going away - indeed, the number of attacks on service providers only seems to be increasing. Outsourcing is always a strategic risk for any business, but knowing that these attacks are getting more prevalent, what do you need to be doing to make sure your supply chain in secure? We talk about what needs considering to ensure your data isn't compromised by third party security issues. (Start at 7 mins 33 secs to skip to the 'how to').

Ransomware has been the biggest cybersecurity problem of 2021, with yet another service provider hit this week. We've had our warning shots - now is the time to rethink our Defence in Depth strategy and learn from the mistakes of other organisations. We run through what you need to be considering and adding to your security strategies in order to protect yourself from what is becoming a very real and very possible threat.

In our new series, Spotlight on Technology, we invite experts from different areas of cyber security to talk to us about their specialisms. First up, we take a look at encryption with James Rees MD of Razorthorn, a cyber security consultancy & Scott Glazer from Atakama, New York based multifactor encryption software specialists. 80% of companies hit by ransomware are hit twice in a short space of time – 45% of the time by the same attacker as the initial breach. We need to take a new approach to defend against this modern day threat.

In (probably) the last in our series on ransomware, we take you through the latest ransomware attacks on businesses over the last week and - importantly - we share our expertise on the most effective ways to protect your business against a ransomware attack.

Becoming PCI DSS compliant can be a long journey and we like to begin, possibly controversially, with requirement 12 of the 12 PCI DSS Compliance Requirements. This requirement includes information security governance and there's a lot in there about your security policies. Why begin here, you might ask? Well, watch on...

There are plenty of myths and misconceptions around PCI DSS. This video guides you through this minefield - making sure you understand each myth can not only make the PCI DSS compliance process easier but also more successful. Jim shares his 10+ years' experience as a QSA to explain where these misconceptions come from and how to successfully work around them.