However, while the retainer model has evolved to meet changing security needs, not all options offer the flexibility required in today’s complex threat landscape. This article outlines how the incident response retainer has changed and continues to develop in scope, and also looks at the different types of available retainer models.

A cyber incident response retainer can help businesses to better manage both the financial and security risks posed by constantly evolving threats. This article outlines the benefits of the retainer model and also covers what organisations should look for in a potential provider.

An initiative of the National Cyber Security Centre (NCSC) since 2017, the Active Cyber Defence (ACD) programme has provided a range of free cyber security tools and services to enable eligible public sector organisations to address high-volume commodity attacks. Following on from its success, the NCSC has announced plans to launch a new version of ACD, aimed at extending its benefits to businesses.

In this article, we outline the main elements of DORA, as well as key recommendations for preparing effectively for this important new regulation.

However, to achieve the full potential of this approach, they must first overcome a variety of challenges. Read on to discover what intrusion detection is and how it has evolved, plus the four key challenges associated with it and how to address them.

From email compromise to insider threat, manufacturing businesses are under pressure to defend themselves effectively from threats across their environment. Drawing on insights from the recent Kroll report, The State of Cyber Defense: Manufacturing Resilience, this article outlines the primary threats currently impacting manufacturing companies.

Any organisation that sends electronic marketing communications via phone, fax, email or text, uses web cookies, or provides communications services to the public falls under the scope of the PECR, and must be aware of its information security requirements.

Attackers are increasingly targeting vulnerabilities within large language models (LLMs) used to recognise and generate text. In response to the growing risk, the recently launched OWASP Top 10 for LLMs covers the key vulnerabilities within these types of AI applications. Read our guide to learn more about the most critical vulnerabilities and how to reduce AI security risks.

From chatbots like ChatGPT to the large language models (LLMs) that power them, managing and mitigating potential AI vulnerabilities is an increasingly important aspect of effective cybersecurity. Kroll’s new AI insights hub explores some of the key AI security challenges informed by our expertise in helping businesses of all sizes, in a wide range of sectors. Some of the topics covered on the Kroll AI insights hub are outlined below.

CREST accreditation is a good place to start – a ‘stamp of approval’ for a high-quality penetration test. But what does it mean to be CREST-approved, and what differentiates CREST penetration testing from other assessments? Read on to find out.