In March 2020, Redscan sent Freedom of Information (FOI) requests to 134 universities across the UK. The aim was to understand more about the frequency of data breaches in the sector and some of the steps institutions are taking to prevent them. The focus on universities was due to the integral role these organisations play in conducting world-changing research and shaping the skills and knowledge of the workforce. The results of the FOI request are available to download in a short report.

This issue has been compounded in recent months due to the impact of COVID-19 on IT and security spending. Research by Gartner suggests that worldwide expenditure on information security and risk management technology and services is due to increase by only 2.4% in 2020 – significantly less than the 8.7% growth originally anticipated. To be effective, cyber security requires not only technology but the skilled security experts and threat intelligence to leverage it.

This blog from senior security consultant Jed Kafetz runs through the key information Redscan requires to scope, plan and price a web application penetration test to ensure it delivers the best outcomes and value for money. When reaching out to us for a quotation, providing the most complete and accurate information possible will not only guarantee a quick turnaround time, but will also ensure that we are not under or over scoping the engagement.

Indeed, with millions of employees now working from remote locations and new services being rolled out to support them, the traditional security perimeter has vanished before our eyes. This has created a significant challenge for the security teams tasked with defending their organisations against threats – a challenge made even harder when the tactics and techniques of cybercriminals are constantly evolving.

The sharp increase in online shopping since the start of the COVID-19 outbreak has led to a significant rise in cyber-attacks on ecommerce websites and apps, making it imperative for retailers to stay alert to the latest risks.

The diverse and fast-changing nature of the Managed Detection and Response (MDR) market makes the process even more difficult. A new report, MDR Market Guide: reducing the costs and risks of cybersecurity investments, from independent technology research and analyst house, Bloor, outlines the key features to consider when selecting an MDR provider.

In many cases, penetration testing – a type of ethical hacking engagement designed to identify and address security vulnerabilities in networks, systems and applications – is required. Sometimes this requirement is specified directly, while in other cases it is implied by a need to build audit or assessment processes to mitigate cyber risk. This blog identifies some of the most common pen testing standards and regulations and provides guidance about the type of testing required.

Chosen from a final shortlist of five companies, ThreatDetect was selected for service excellence and, in the words of the judges, for helping organisations ‘to reduce mean time to detect and respond to threats from months to minutes’. “We are delighted to have been recognised in the SC Awards for four consecutive years.” said Redscan’s Product Marketing Director, Simon Monahan.

During the COVID-19 pandemic, more employees have been working from home than ever before. This situation has significantly increased cyber security risks for organisations, with many lacking sufficient controls to protect workers outside of the office – something criminals are taking advantage of by targeting unsecured endpoints with increasing regularity.

If, like many organisations, your business has been forced to support mass employee remote working, it’s likely that you’ve also had to roll out new services and applications to maintain business continuity and productivity. Understandably, cyber security may not have been front of mind during this process.