Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Razorthorn has worked with wide range of technically savvy clients who are confident they would spot a fake, but confidence is exactly what makes deepfake fraud so effective. In 2024, a finance manager at engineering firm Arup transferred $25 million to fraudsters after taking part in a video call with what appeared to be his CFO and several colleagues. Every person on that call was fabricated. None of it was real.

Your third party suppliers probably aren’t as secure as you think they are. SecurityScorecard’s 2025 Global Third Party Breach Report found that at least 35.5% of all data breaches in 2024 originated from third party compromises. That’s not a minor risk you can ignore. The numbers tell a stark story. But here’s what most organisations miss: the real figure is likely higher since many breaches aren’t disclosed or are mistakenly reported as internal incidents.

Let’s get right to it: Razorthorn Security helps organisations achieve and maintain PCI DSS compliance through expert consultancy, gap analysis and preparation for formal assessment and has been recognised by Gartner as a market leader in PCI DSS QSA services. If you’re handling payment card data, you’ll need qualified support to navigate the 500+ controls that PCI DSS demands.

Passwords were invented in the 1960s. Six decades later, we’re still using them to protect everything from email accounts to bank transfers to corporate networks. The problem isn’t just that they’re old technology, it’s that they were never designed for the world we live in now.

Guest post by Capsule Cyber insurance has rapidly evolved from being considered a specialist offering to a critical pillar of modern risk management. Yet many businesses still misunderstand what it covers and just as importantly, what it doesn’t do.

When it comes to cyber insurance for SMEs, many small and medium-sized enterprises believe that cyber insurance feels like an optional extra, not a necessity, something to worry about later. This risk-taking attitude is often driven by various common misconceptions: The opposite is often true. Smaller businesses are frequently seen as easier targets due to limited budgets, lean security teams, and less mature cyber defences.

By James Rees, MD, Razorthorn Security The Digital Operational Resilience Act (DORA) isn’t just another regulatory hurdle to clear. It’s fundamentally changing how financial institutions think about operational risk, particularly when it comes to the third party providers that now handle much of their critical technology infrastructure. DORA third party compliance has become a critical priority for EU financial institutions since the regulation came into force in January 2025.

By James Rees, MD, Razorthorn Security The artificial intelligence revolution isn’t coming. It’s here and it’s moving faster than anyone predicted. Children now trust ChatGPT more than their parents for information. AI-generated content is becoming indistinguishable from human work. Entire industries are being reshaped by technology that seemed like science fiction just a few years ago.

The artificial intelligence revolution isn’t coming. It’s here and it’s moving faster than anyone predicted. Children now trust ChatGPT more than their parents for information. AI-generated content is becoming indistinguishable from human work. Entire industries are being reshaped by technology that seemed like science fiction just a few years ago.

Continuous Threat Exposure Management (CTEM) is gaining increasing recognition as a crucial component for mature cybersecurity programmes. Both Gartner and Forrester have highlighted CTEM as “a strategic imperative,” underscoring its importance in addressing modern cyber risks. This recognition is well founded, as demonstrated by recent cyberattacks on major organisations including Marks & Spencer, Co-op, Harrods, the NHS and American healthcare institutions.