I wrote a short post recently with some guidance for start-ups – if you read it you’ll notice I assume that any start-up will be making use of cloud services, rather than trying to build and host infrastructure internally. It’s not just start-ups using...
16:09 18 April
, cloud security
, Cyber security
, Incident Response
, security monitoring
, security operations
, small business
, staff awareness
So, what is it you do?
I’m often asked by people outside the cyber security industry what
is it, in fact, that I do. A reasonable question, and my usual answer is
‘stuff, for people’. Partly that is a hangover from the government days, and
partly because consultancy is...
If you’ve been paying any attention at all to the news in the last couple of weeks, you’ll be aware that British Airways had a significant and embarrassing problem with their website. You can read about it here, with quotes from me! I, and most...
Over the years I’ve worked with a number of organisations who are struggling with an outsourced security monitoring service provider. These relationships can fail for a number of reasons, and it’s not always (or even most often) just the fault of the provider. Yes, there...
The NCSC, along with the Information Commissioners Office (ICO) have produced some useful guidance on security and GDPR. The approach they use distill nicely into four aims;
Manage security risk
Protect personal data against cyber attack
Detect security events
Minimise the impact
I will write blogs...