The Security Strategist

The SolarWinds breach exposed vulnerabilities within DevSecOps practices, sending shockwaves through the tech world. 

The U.S. Securities and Exchange Commission (SEC) indictment against SolarWinds fu…

The fight against cybercrime is a never-ending battle. Firewalls and antivirus software, our traditional defences, are like trusty shields—good against basic attacks but not enough. Advanced attacker…

The cloud revolutionised how businesses operate, but managing dynamic, complex environments presents new and unique challenges.

While digital transformation has brought significant benefits, the reali…

Automated Security Validation. Involving tools, scripts and platforms to emulate true-to-life attacks, Automated Security Validation is a key part of assessing the readiness of the security infrastru…

It seems like VPN products are consistently the initial access vectors for ransomware groups and targetted attacks. 

This was demonstrated in the recent Ivanti Connect Secure zero-day vulnerabilities,…

Rapid breach response. The art of quickly reacting to a security breach or incident. Key for minimising the impact of attacks and ensuring your team is as effective as possible, rapid breach response…

The audit process is broken. CISOs and CTOs have faced a multitude of challenges under this outdated audit landscape, and the efficacy of companies are being stunted by a system that desperately need…

In the world of complex supply chains, it’s not enough to secure our own data but also ensuring that third party vendors we work with have robust security.

When it comes to proactively stopping threat…

In 2024, the conventional approach of responding to threats is dead. As cyberspace becomes more complex, interconnected, and sophisticated, companies are beginning to recognise the shift from a react…

Using threat intelligence effectively in incident investigation is crucial for identifying, mitigating, and preventing cybersecurity threats. 

By integrating relevant threat intelligence feeds, securi…

Application security is a complex, wide-ranging field. 

With attackers using a wide range of attacks from credential stuffing to cookie poisoning, how can you keep up with the ever-evolving landscape?

…

Doing more with less. The art of optimising your cybersecurity strategy and resources to achieve effective protection against cyber threats. 

From assessing and prioritising assets to utilising open s…

Securing Software as a Service (SaaS) applications is crucial to protect sensitive data, ensure user privacy, and maintain the overall integrity of the service.

From data encryption and identity manag…

Enabling the business to leverage data while preventing breaches are top priorities for CxOs and boards across industries. 

However, data security has long relied on legacy architectures and outdated …

No one knows how far gen AI can go in the enterprise but we know that it will be massive. Future platforms will certainly streamline and ensure efficiency, accuracy, and impact. 

But there are many qu…

Zero Trust is a security concept and framework that assumes no trust, even among users and systems inside the corporate network. 

Traditionally, network security models operated under the assumption t…

XDR isn’t just a fancy term or the latest trend; it represents consolidating security tools, enhancing defences against sophisticated attacks, and reducing response time to safeguard against data bre…

It’s officially the spooky season - but something scarier than ghosts, vampires and werewolves is striking fear into the hearts of cybersecurity leaders across the globe. 

The unique challenges in the…

Rapidly accelerating technology advances, the recognized value of data, and increasing data literacy are changing what it means to be "data driven." 

The ability to leverage data for day-to-day activi…

Monitoring cyber risk is essential in today's interconnected landscape. 

Involving continuous assessment of vulnerabilities, threat detection, and response readiness, companies should be looking at th…