Razorthorn

  |  By James Rees
As we begin 2025, the cybersecurity landscape faces unprecedented change. Recently, on the Razorwire Podcast, I was joined by industry experts Richard Cassidy and Oliver Rochford who shared their insights about emerging threats, market dynamics and technological evolution that will shape security strategies in the coming year. From the rise of AI-powered threats to complex regulatory challenges, their analysis revealed both opportunities and risks that organisations must navigate.
  |  By Razorthorn
By James Rees, MD, Razorthorn Security
From 2020 to 2024, cybersecurity underwent a transformative period that reshaped the industry. This era witnessed several significant high-profile security breaches, whilst the World Economic Forum recognised cybersecurity as one of the top ten threats to global economic stability.
  |  By Razorthorn
By James Rees, MD, Razorthorn Security
The landscape of cybersecurity awareness has changed dramatically in the last 25 years. What began as simple password guidance and basic IT training has evolved into a complex web of security challenges that organisations must navigate daily. Back in December 1999, the world held its breath waiting for the Y2K bug to wreak havoc on computer systems globally.
  |  By Razorthorn
By James Rees, MD, Razorthorn Security
Human-related security failures are rarely about incompetence. Most organisations view security as a problem to be solved through training modules, awareness campaigns and strict policies, yet beneath this mechanical approach lies a deeper truth: our relationship with security at work mirrors our basic human needs for safety, belonging and professional dignity.
  |  By Razorthorn
By James Rees, MD, Razorthorn Security
In an era of interconnected services and external partnerships, two critical security challenges loom large: third party risk and insider threats. Recent events highlight these concerns – from the massive breach of Social Security numbers through a service provider to the CrowdStrike incident that grounded major airlines, causing hundreds of millions in damages.
  |  By Razorthorn
By James Rees, MD, Razorthorn Security
In today’s complex cybersecurity landscape, Governance, Risk and Compliance (GRC) tools have become essential for organisations managing intricate security ecosystems. These tools are designed to centralise information, streamline processes and offer crucial insights into an organisation’s risk posture. However, as cybersecurity expert Jack Jones revealed when he joined me on a recent podcast, the reality often falls short of these ambitious claims.
  |  By James Rees
The cybersecurity industry is known for its cutting-edge technology and constant evolution, but beneath the surface of firewalls and threat detection lies an aspect that’s discussed less regularly: the mental health and wellbeing of its professionals. As cyber threats grow more sophisticated, so too does the pressure on those tasked with defending against them.
  |  By Razorthorn
By James Rees, MD, Razorthorn Security
In the rapidly evolving world of cybersecurity, artificial intelligence (AI) and large language models (LLMs) have become buzzwords that seem to promise revolutionary solutions. However, as with any emerging technology, it’s crucial to separate hype from reality.
  |  By Razorthorn
By James Rees, MD, Razorthorn Security
Times must change (and always will) and nowhere is this more true than in the realm of technological advancement. Thirty years ago, the technological landscape was vastly different from what we have today and technological change has outpaced Moore’s Law for some time now. Information security must keep pace with these advancements. This has become especially true with the advent of AI.
  |  By Razorthorn
By Michael Aguilera, Lead Penetration Tester, Razorthorn Security
Over the past decade, crowdsourced penetration testing has grown in popularity because of its convenience and cost effectiveness. However, this surge in popularity does not come without its caveats. In this blog, we’ll explore the benefits and risks of crowdsourced penetration testing, compare it with traditional methods and help you make an informed decision for your organisation’s cybersecurity needs.
  |  By Razorthorn
The real work begins AFTER the incident is resolved. Learn why compliance standards like ISO & PCI-DSS require thorough post-mortems, action plans, and reporting to strengthen security posture.
  |  By Razorthorn
Fixing an incident isn’t enough—you need to understand WHY it happened. Learn how the 5 Whys technique helps cybersecurity teams drill down into root causes and prevent repeat failures.
  |  By Razorthorn
Communication is key during a security incident. From board reports to external disclosures, having a structured comms plan can prevent reputational damage. Learn why pre-written templates and clear internal messaging are vital.
  |  By Razorthorn
What happens when a security breach involves someone you trust? In cybersecurity, investigating a co-worker or even a friend can be a harsh reality. Discover how to stay objective, remove emotion, and focus on the facts when handling insider threats.
  |  By Razorthorn
Incident response is non-negotiable in cybersecurity. No matter how many countermeasures you have, breaches will happen. Learn why every security professional must master incident response protocols to mitigate damage effectively.
  |  By Razorthorn
Our latest episode brings in security expert Iain Pye, who shares military tales with me, your host James Rees, about what really happens when everything goes wrong. We get stuck into the nitty-gritty of incident response - the sleepless nights, the pressure from executives, and how to keep your team going when they're running on fumes.
  |  By Razorthorn
Are CISOs too competitive for their own good? Security leaders face the same threats, yet many work in silos. This clip explores why collaboration is key to reducing risk and protecting businesses.
  |  By Razorthorn
CISOs are now personally liable for security failures. How can they protect themselves from legal action and reputational damage? Learn the key risk management strategies every CISO needs to reduce exposure.
  |  By Razorthorn
Hackers are influencing politics more than ever—from cyber espionage to nation-state attacks. This clip explores the intersection of cyber warfare, geopolitics, and emerging security threats.
  |  By Razorthorn
Incident response is more than just stopping ransomware. CISOs must focus on governance, compliance, and risk mitigation to avoid legal liability. Learn how security leaders can prepare for worst-case scenarios.

Razorthorn has a single purpose: to defend business-critical data and applications from cyber attacks and internal threats. Founded in 2007, Razorthorn has been delivering expert security consulting and testing services to some of the largest and most influential organisations in the world, including many in the Fortune 500.

Leaders in Cyber Intelligence:

  • Cyber Security Consultancy: Delivering professional and dedicated consultants to our clients, we are specialists in all areas of cyber security consulting. Whether you need help with cyber security compliance or require CISO services, we work closely with our clients to provide short term or ongoing support, in line with your requirements and budget.
  • Cyber Security Testing: It is essential to test your cyber security posture regularly, whether it’s a requirement for compliance or to ensure you are getting value for money from your cyber security solutions. In addition to pen testing, Razorthorn offer a comprehensive suite of cyber security testing services to ensure your data and business reputation are as secure as possible.
  • Managed Services: We provide 24/7 managed cyber security services, working as an extension to your in-house team or as your dedicated managed services partner. You will benefit from the skills and expertise of our team, and from the cost efficiency and flexibility that comes with outsourcing to a specialist service provider.
  • Cyber Security Solutions: We work in partnership with hand-picked, industry leading solution providers, carefully selected for quality, effectiveness and to complement the services we offer.

Defending businesses against cyber attacks since 2007.