Penetration Testing

HackerOne, the hacker-powered penetration testing and bug bounty platform, has revealed that hackers believe technology firms are the least secure with 18% saying they have the furthest to go to improve security. Government (16%) and finance (14%) are two other industries that hackers believe have…

A new report published by CREST looks for solutions to the increasing problems of stress and burnout among many cyber security professionals, many of whom are often working remotely in high-pressure and under-resourced environments. CREST – the not-for-profit body that represents the technical security industry…

CBEST is the Bank of England’s intelligence-led cyber adversary simulation framework, used for testing systemically critical financial organisations through simulated cyber attack scenarios based on real-world threats and risks. As Owen Wright explains, a CBEST exercise lasts approximately 20 weeks and has four distinct phases. During…

A new business that promises a fresh approach towards security consultancy and contract management has been launched by Danny Moody, a senior security management professional with almost 20 years’ experience of protecting high-profile assets. Tobruk Security Management Services aims to deliver a range of services…

With October being ‘Cyber Security Awareness Month’, Charles Poff (Chief Information Security Officer at SailPoint) has stressed that it’s important to take a hard look at the “frightening” shortage of cyber security professionals currently operational in the industry’s workforce. According to research conducted by Cybersecurity…

As a Chief Information Security Officer (CISO), you’re likely to have put forward many plans designed to improve the overall security posture for the users of your organisation. Much of the time, you’ll receive executive sign-off and then roll out whatever initiative it might be.…

BSI has moved to acquire AppSec Consulting, the cyber security and information resilience (CSIR) company located in San Jose, California. The acquisition will see AppSec Consulting become a key part of BSI’s CSIR offer. The business will now operate under the name ‘AppSec Consulting –…

Cyber security is an evolving discipline. It’s an ongoing endeavour to beat the hackers and cyber criminals at their own game and mitigate the risk they represent. As Scott Nicholson points out, though, for many organisations this is easier said than done. While the importance…

Orange has announced the acquisition of the SecureData Group for an undisclosed sum. SecureData is the largest independent cyber security service provider in the UK and boasts a 25-year track record of providing integrated cyber solutions designed to assess risks, detect threats, protect customers’ IT…

It’s not an easy task to remember a week in 2018 without a major data leak or security breach. Passwords were leaking, new sophisticated malware attacks were spreading, data was breached and Governments around the world once again overturned privacy rules. According to NordVPN’s digital…