As we begin 2025, the cybersecurity landscape faces unprecedented change. Recently, on the Razorwire Podcast, I was joined by industry experts Richard Cassidy and Oliver Rochford who shared their insights about emerging threats, market dynamics and technological evolution that will shape security strategies in the coming year. From the rise of AI-powered threats to complex regulatory challenges, their analysis revealed both opportunities and risks that organisations must navigate.

By James Rees, MD, Razorthorn Security From 2020 to 2024, cybersecurity underwent a transformative period that reshaped the industry. This era witnessed several significant high profile security breaches, whilst the World Economic Forum recognised cybersecurity as one of the top ten threats to global economic stability.

By James Rees, MD, Razorthorn Security The landscape of cybersecurity awareness has changed dramatically in the last 25 years. What began as simple password guidance and basic IT training has evolved into a complex web of security challenges that organisations must navigate daily. Back in December 1999, the world held its breath waiting for the Y2K bug to wreak havoc on computer systems globally.

By James Rees, MD, Razorthorn Security Human-related security failures are rarely about incompetence. Most organisations view security as a problem to be solved through training modules, awareness campaigns and strict policies, yet beneath this mechanical approach lies a deeper truth: our relationship with security at work mirrors our basic human needs for safety, belonging and professional dignity.

By James Rees, MD, Razorthorn Security In an era of interconnected services and external partnerships, two critical security challenges loom large: third party risk and insider threats. Recent events highlight these concerns – from the massive breach of Social Security numbers through a service provider to the CrowdStrike incident that grounded major airlines, causing hundreds of millions in damages.

By James Rees, MD, Razorthorn Security In today’s complex cybersecurity landscape, Governance, Risk and Compliance (GRC) tools have become essential for organisations managing intricate security ecosystems. These tools are designed to centralise information, streamline processes and offer crucial insights into an organisation’s risk posture. However, as cybersecurity expert Jack Jones revealed when he joined me on a recent podcast, the reality often falls short of these ambitious claims.

The cybersecurity industry is known for its cutting edge technology and constant evolution, but beneath the surface of firewalls and threat detection lies a aspect that’s discussed less regularly: the mental health and wellbeing of its professionals. As cyber threats grow more sophisticated, so too does the pressure on those tasked with defending against them.

By James Rees, MD, Razorthorn Security In the rapidly evolving world of cybersecurity, artificial intelligence (AI) and large language models (LLMs), have become buzzwords that seem to promise revolutionary solutions. However, as with any emerging technology, it’s crucial to separate hype from reality.

By James Rees, MD, Razorthorn Security Times must change (and always will) and nowhere is this more true than in the realm of technological advancement. Thirty years ago, the technological landscape was vastly different from what we have today and technological change has outpaced Moore’s Law for some time now. Information security must keep pace with these advancements. This has become especially true with the advent of AI.

By Michael Aguilera, Lead Penetration Tester, Razorthorn Security Over the past decade, crowdsourced penetration testing has grown in popularity because of its convenience and cost effectiveness. However, this surge in popularity does not come without its caveats. In this blog, we’ll explore the benefits and risks of crowdsourced penetration testing, compare it with traditional methods and help you make an informed decision for your organisation’s cybersecurity needs.