Search

Studying the risk management dimension of the RESILIA Foundation course will enable people to better understand what is a threat, a vulnerability and an asset in the context of cyber resilience and how they combine to create a risk to the business. One way to understand the...

The success of cyber security awareness learning in organizations today is, typically judged by the ‘ticking of a box’ to say it’s been done. But have organizations – and their managers responsible for information security awareness learning – really stopped to ask whether t...

AXELOS Community hosted Whaling Week, a look into the results of a successful Whaling attack in your organization. We now present four of the best replies from throughout the week. We appreciate all the responses we received throughout Whaling Week, we had a great time readi...

When thinking about cyber resilience, just how important do you believe the people in your organization are? All your people, from top to bottom? You have heard the expression, ‘ People, Process, and Technology’ a thousand times. But which is the most critical of the three...

In the world of cyber resilience, barely a week goes by without another company falling victim to cyber-attack – and to the penalties that can arise as a result. In February 2015, the UK Information Commissioner’s Office (ICO) fined insurance broker, Staysure, £175,000 after...

If you think companies are out of the “cyber woods” in terms of risk, then you should think again. The latest research from insurance organization, Aon Risk Solutions , finds 90% of senior executives saying cyber risk is “not fully understood”, while 80% say companies are ...

You only have to be a casual follower of the news to see that cyber attacks and the resulting damaging data breaches are happening with greater frequency. TalkTalk and JP Morgan are just two of the latest high profile companies to show their vulnerability to cyber crime....

A recent poll of City of London bosses by the Financial Times called on companies to hire a “younger generation of boardroom directors to head off the systemic threat that cyber risk poses to the financial system”.¹ I welcome business leaders openly discussing the signi...

How much do Small and Medium Sized Enterprises ( SMEs ) have to fear from cyber-attack? The high profile cyber attacks of the past year have involved much bigger commercial fish than companies in the SME market. But that doesn’t render them immune – far from it. 74% of s...

No matter how sophisticated an organization’s technical controls, there is always a risk of attack. In this day and age, with the great speed at which technology is advancing, the constant evolution of threats makes it impossible for any business to be 100% protected; what th...

Getting your awareness training right is essential for cyber resilience Cyber-related fraud is at its highest level since 2008 according to the latest research – a stark fact that makes information security awareness learning for employees more vital than ever. The recen...

Okay, I don’t usually quote Shakespeare, but there’s one line that I’ve remembered since I was at school in England. It comes from Othello : “Reputation, reputation, reputation! O, I have lost my reputation! I have lost the immortal part of myself.” All the publicity aro...

During the run-up to the US election there’s been a lot of talk about who’s for real and who’s faking it. Who you would like to have a beer with, and who you’d trust with the economy. When I saw a headline about a ‘Fake President Scam’ the other day, I thought it was about ye...

Ever had the nightmare of your company being hacked and it making national news? Have you ever stood in front of your board and felt like saying ‘I told you so’? This is exactly what happened to one CSO (Chief Security Officer) in our real-life C yber Stories from the Frontl...

Phishing , Trojan Horses, Malware, Whaling , Denial of Service – these are all terms that have become common currency in the world of cyber security. With increasing public exposure of global organizations’ cyber security vulnerabilities , the language of cyber threats a...

Politics often throws up examples of highly memorable, and equally emotive, language designed to make voters think a certain way about a particular party. The UK’s current election fever is no different, with politicians coining the rather loaded phrase, “Weaponizing the NHS...

Why is there an obsession with where a cyber-attack originates? In recent reports about attacks on SWIFT (the global financial messaging service) at various banks, there was speculation that it may have been the work of well-skilled and motivated groups creating malware. T...

When I read about the latest cyber attack in the press I wonder how the ordinary person in the street is responding to the same story. Do they feel interested or intrigued? Do they want to understand more? Do they feel that they have a part to play? I suspect most don’t but i...

Cyber security, today, is often very technology-based with a focus on technical issues such as firewalls and virus scanning software. While technology is an important part of the cyber defence, it is important not to neglect strategy in identifying what controls an organi...

I n recent years Romania and, more broadly, South East Europe have become a hotbed for international IT services. Due to the region’s Internet of Everything approach, the IT market is booming and facilities like Security Operations Centres (SOCs) and Network Operation Centres...

An AXELOS webinar – Protecting the reputation of UK Further and Higher Education with your greatest defence: your people – has highlighted how Further and Higher Education establishments are the ideal target for cyber attackers. Education institutions hold personal and fin...

Recently I had a fascinating meeting with the chief executive of a start-up company who are about to disrupt an established market – this was always going to be an interesting discussion! They have established that there is a ‘Delta’ in the performance of existing companie...

With tech-centric changes driving disruption all around us, AgileSHIFT has a simple indicator to help you assess the impact on your organization. The Delta is the difference between the 'target state' and the current performance level. The larger the delta, the more exposed...

Companies worldwide are now realizing that cyber resilience is not just a “good to have”, but a necessity. It’s no longer a question of if but when risks will emerge and when vulnerabilities are exploited with threats relating to information assets such as data, syst...

One group who are clearly enjoying the coronavirus pandemic are cyber criminals. It’s proved yet another valuable opportunity for them to play on our fears, doubts and vulnerabilities through simple phishing scams . Yet, like regularly washing our hands to avoid getting sick...

The current coronavirus crisis has pushed ‘home and mobile working’ onto the front pages. Self-isolation is critically important as we work towards preventing the rapid spread of the virus. But how can we isolate ourselves from a different threat whilst working remotely or a...

Service continuity management, along with IT security, is top of the critical list for IT today – not least in the current global situation caused by Covid-19 . If you don’t have service continuity management and something major happens, it could ruin your business and – cl...

Happy, safe employees generally stay longer at their organizations, are more productive, and cause fewer incidents. Successful leaders know this and actively develop safety cultures— climates in which people are comfortable being (and expressing) themselves—to make sure that ...

This is the first in a series of conversations with Nick Wilding and leading cyber resilience commentators and practitioners from around the world. Who should countries and companies learn from when thinking about cyber resilience? Estonia has been described in tech pub...

When Dido Harding, the CEO of TalkTalk, recently announced there was a chance that all their four million customers’ personal data might have been compromised, she could not have imagined the tsunami of press and media coverage that resulted. It all happened so quickly – 48 ...

Christian Tijsmans is founder of Connect the Dotz and Paul Wilkinson is the owner/director of GamingWorks How critical is cyber security training for organizations? Not-for-profit IT governance body, ISACA said in its State of Cybersecurity report that 82% of board dire...

Just because you can connect a device to the internet doesn't mean you should. While connected devices (commonly called the “Internet of Things”) can deliver new services, there needs to be security, privacy and clear ownership of data. The endgame for the Internet of ...

Dear Mr or Mrs Private Company Director – do you know who you are handing your personal information to and why? For all of you, there is an information security risk when third parties are asking for your personal details. Why? Do you know how securely they will treat your i...

The issue with Delta Air Lines’ computer system on 8 August 2016 created chaos for travellers around the world. The official reason for the systems crash was a power outage, initially described as something outside of Delta’s control, a claim that has  not been backed up by t...

The risk of being held to ransom is no longer just a phenomenon of the physical world - the digital world is subject to the menace of Ransomware . Ransomware is where an attacker renders your computer system and your data unavailable to you through encrypting your data and ...

Board directors, business leaders and entrepreneurs are known as ‘whales’. You’re the big fish who holds the key to the really big prize for hackers. Whether that’s intellectual property, commercially and market sensitive information or simply money, there are hackers out the...

As part of the CBI Cyber Security Conference 2018 , Ciaran Martin, CEO of the National Cyber Security Centre hosted a Keynote session. Here are a few key takeaways from his session. There is a culture shift in business about cyber security and evidence that business l...

Process implementation in IT Service Management (ITSM) comprises the steps we take to deliver services and the changes necessary to support the business moving forward.The purpose of IT is to be a business partner, ensuring anything that falls within the remit of delivering ...

The internet plays a huge part in our lives: for work, staying in touch with our friends, shopping, playing games, studying or just watching some hilarious cat videos, we are spending more and more time online. We are bombarded with more and more information and the technol...

One hundred percent of US Fortune 100 companies use the ITIL framework to manage, govern and keep their IT environment safe, so why isn’t ITIL training a priority at all of these organizations? In the past, product lifecycles were longer. You would develop a product, pu...

What is currently a typical starting point when organizations are thinking about protection against cyber threat and how often is that the right place to start? Organizations can start from one of three places when thinking about protection against cyber threat: Strategic...

How well prepared are organizations for the activities of cyber criminals in 2019? Organizations want to feel their efforts have made a difference to answering the question “ are we secure? ” However, there is no perfect solution or ability to be 100% secure; the real aim is...