
March 2023

The Power of Continuous Penetration Testing

As organisations continue to become more reliant on technology, cyber security threats become more frequent and sophisticated. With more and more data being stored online, it’s crucial that organisations protect their systems and data from cyber attacks. Penetration testing is an effective way to identify vulnerabilities and weaknesses in an organisation’s cyber security defences, but traditional penetration testing has limitations.

Why Penetration Testing is a Measure of Engineering Quality | Jonathan Care

Jonathan Care, a cybersecurity expert and analyst, explains why penetration testing is not just a compliance requirement, but a function of engineering quality. He challenges the traditional view of penetration testing as a separate activity and argues that it should be integrated into the development cycle. Watch this video to learn more about how security testing can help you improve your engineering solutions and reduce your risks.

How Often Should You Do a Penetration Test? | Razorthorn Security

James Rees from Razorthorn Security shares his thoughts on a LinkedIn poll that asked how often a penetration test should be performed. He reveals the results of the poll and explains why he thinks quarterly testing is the best option for most organizations. Watch this video to learn more about the benefits of regular penetration testing and how Razorthorn Security can help you with your cybersecurity needs.

Continuous Penetration Testing: Discover the Razor's Edge Platform from Razorthorn

Welcome to Razor's Edge, the Continuous Penetration Testing platform from Razorthorn Security. The essence of Razorthorn’s Next-Gen Continuous Pen Testing service, Razor’s Edge, is to help find vulnerabilities, verify them and perform base level exploitation to provide organisation-specific risk scores and mitigation advice to improve the overall security of an environment. We work to a schedule of scanning, testing and reporting defined by the client for the duration of the contract length.

A Snapshot in Time: Why Penetration Testing Is Critical for Cybersecurity

When Megan Brown, Jonathan Care, and I explore the world of penetration testing, we uncover the missing links between the testing itself and having a secure organisation and patched vulnerabilities. In this episode, you will learn how to maximise the potential of your penetration tests and increase the depth of your organisation's cyber security. “Pen tests on their own don’t do anything if you don’t have a way of tracking the issues, resolving the issues.”

The Evolution of the Internet: From a Fad to a Global Phenomenon

Do you remember a time before the internet? It's hard to imagine our lives without it now, but there was a time when people believed it was just a passing fad. In this video, we take a look back at the evolution of the internet and how it went from being a niche technology to a global phenomenon that has changed the way we live, work, and communicate. We explore the early days of the internet when people thought it was just a passing trend, and how it evolved into the complex and ever-evolving system we know today.

The Masterclass Series - A Tutorial in Breaking Barriers and Building Strategies

Part 1 – Attitudes toward the security community: In part one of the webinar, we'll explore some of the challenges and obstacles that professionals may encounter within the information security field, including those that originate from both within and outside of the security community. By understanding these hurdles, attendees will be better equipped to navigate the complex landscape of information security and develop effective strategies for success.

The Future of Cybersecurity Legislation: Prioritizing Resilience over Deterrence

In this video, we explore the evolving landscape of cybersecurity legislation and how it has shifted towards prioritizing resilience over deterrence. As cyber threats continue to increase and attribution becomes increasingly difficult, traditional approaches to cybersecurity legislation such as deterrence and punitive measures have proven to be ineffective. Instead, we are seeing a shift towards promoting resilience and the ability to withstand attacks and quickly recover from them.

The Need for More Cybersecurity Legislation

In this video, Keith Christie-Smith shares his opinion on the current state of cybersecurity legislation and why he believes that more legislation is necessary. He argues that there are still many verticals where more legislation is needed and that organizations should be mandated to apply the most stringent cybersecurity policies and frameworks available. He also discusses the importance of organizations doing as much as possible from a cybersecurity perspective to protect themselves and their clients.

Coffee with Jim - Securing Against Supply Chain Cyber Attacks

Following the ransomware attack on US IT firm Kaseya, join us for a chat about the ever-increasing need to secure ourselves successfully against not only direct ransomware attacks, but those that affect us through our supply chains. An estimated 200+ firms have been crippled by the attack on Kaseya, simply because they use Kaseya’s software. The implication of this is that it can feasibly happen to any aspect of your supply chain, so if cyber security is not high on your board’s list of priorities, it really should be. How could the attack on Kaseya, and other supply chain attacks, have been avoided? How can you reduce the probability of it happening to your own organisation? And crucially, how can you make the solution cost effective?

Hack Your Way To Your Dream Job In Cyber Security

Part 1 – Top Tips for Job Applications: Firstly this week, we’ll be addressing a question posed by one of our masterclass attendees: “I am currently studying cyber security and I would love to know what you look for in candidates?” This is a great question and the answer is critical in helping you get into cyber security – I’ll give you my top tips in the first part of our masterclass.

Strengthening Cyber Security: The Impact of Compliance and Legislation

Josh Davies, Keith Christie-Smith, and I dive into the world of legislation and compliance and explore the stark contrast between the need for rigorous security and the burden placed on businesses to comply. “One of the big problems we have in security is that you spend all this money pre-empting your defence in depth to try to protect you against things that you could perceive could happen to you.” (Josh Davies)

The Need for a Universal Set of Information Security Regulations: Insights from Industry Experts

In this video, we discuss the importance of having a joined-up approach to information security regulations. As a believer in creating a think tank of different information security professionals from various industries and stages of their careers, we explore the benefits of having a universal set of regulations that are not set hard in stone, but rather adaptable to different companies' needs. We understand that different companies have different security measures depending on their business activities, and we aim to bring together experts to develop a comprehensive and flexible set of regulations that can be universally implemented.

The Importance of Isolated Backups for Cybersecurity

In this video, we discuss the critical role of isolated backups in protecting your organization from cyber threats such as DDoS attacks and ransomware. We explain how disk backups are done on a daily, weekly, or monthly basis and can be stored in a safe and controlled environment, ensuring that critical data can be restored in the event of a breach. By keeping backups isolated from your network infrastructure, you can prevent cybercriminals from accessing them and ensure that your organization can recover quickly and effectively.

Cybersecurity Advice for Businesses Without Information Security Professionals

In this video, we explore what businesses without information security professionals can do to protect themselves from cyber threats. While it would be ideal for all businesses to have experienced cyber personnel who can advise on critical assets and best steps, this is not always possible.

Connect with your host, James Rees: Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.

Fallout from Paying Ransomware: A UK Government Perspective

In this video, we discuss the potential consequences of organizations paying ransomware, specifically from a UK government perspective. We explore the hypothetical scenario of an organization being hit by the Conti ransomware and having the financial means to pay the ransom. While this may unlock their systems and maintain business continuity, it also raises questions about the legality of paying ransoms and the potential fallout from doing so. We delve into the potential repercussions of breaking the law and the importance of having robust disaster recovery policies in place to minimize the impact of such attacks. Join us as we explore this complex and timely issue.

Analysis of Recent Official Statements on Ransomware Sanctions

James Rees questions the motivations behind the decision, whether it is due to ransomware or political sanctions.

The Two-Step Ransomware Attack: What British Businesses Need to Know

Ransomware attacks can cripple businesses in more ways than one. Hackers can lock up your systems and hold your data for ransom, leaving you with no choice but to pay up. In this video, we explore the two-step ransomware attack and how it can affect British businesses. We discuss how hackers can encrypt your data and demand payment to unlock it, as well as how they can exfiltrate your data and hold it for ransom.

How Ransomware Sanctions Can Affect Cyber Insurance

With the rise of ransomware attacks on public and private sector organizations, insurance companies have been forced to pay large sums of money to cover the cost of these attacks. However, with UK legislation on ransomware sanctions that prevents them from paying ransomware, insurers will no longer be expected to pay out for these types of attacks.

Negotiating with Ransomware Actors: Why it's a Business Deal

When dealing with ransomware actors, people tend to forget that it is essentially a business negotiation. Although these actors may not be the nicest people, their goal is to make money and have you pay up. In this video, we discuss how going in with a confrontational attitude may not be the best approach. Some ransomware groups behave like gamer forum groups, using similar language and tactics, while others are more professional and skilled in negotiation. It's important to do your homework and understand that these actors may already know how much you're insured for.