|
By Razorthorn
Razorthorn has worked with wide range of technically savvy clients who are confident they would spot a fake, but confidence is exactly what makes deepfake fraud so effective. In 2024, a finance manager at engineering firm Arup transferred $25 million to fraudsters after taking part in a video call with what appeared to be his CFO and several colleagues. Every person on that call was fabricated. None of it was real.
|
By Razorthorn
Your third party suppliers probably aren’t as secure as you think they are. SecurityScorecard’s 2025 Global Third Party Breach Report found that at least 35.5% of all data breaches in 2024 originated from third party compromises. That’s not a minor risk you can ignore. The numbers tell a stark story. But here’s what most organisations miss: the real figure is likely higher since many breaches aren’t disclosed or are mistakenly reported as internal incidents.
|
By Razorthorn
Let’s get right to it: Razorthorn Security helps organisations achieve and maintain PCI DSS compliance through expert consultancy, gap analysis and preparation for formal assessment and has been recognised by Gartner as a market leader in PCI DSS QSA services. If you’re handling payment card data, you’ll need qualified support to navigate the 500+ controls that PCI DSS demands.
|
By Razorthorn
Passwords were invented in the 1960s. Six decades later, we’re still using them to protect everything from email accounts to bank transfers to corporate networks. The problem isn’t just that they’re old technology, it’s that they were never designed for the world we live in now.
|
By Razorthorn
Guest post by Capsule Cyber insurance has rapidly evolved from being considered a specialist offering to a critical pillar of modern risk management. Yet many businesses still misunderstand what it covers and just as importantly, what it doesn’t do.
|
By Razorthorn
When it comes to cyber insurance for SMEs, many small and medium-sized enterprises believe that cyber insurance feels like an optional extra, not a necessity, something to worry about later. This risk-taking attitude is often driven by various common misconceptions: The opposite is often true. Smaller businesses are frequently seen as easier targets due to limited budgets, lean security teams, and less mature cyber defences.
|
By Razorthorn
By James Rees, MD, Razorthorn Security The Digital Operational Resilience Act (DORA) isn’t just another regulatory hurdle to clear. It’s fundamentally changing how financial institutions think about operational risk, particularly when it comes to the third party providers that now handle much of their critical technology infrastructure. DORA third party compliance has become a critical priority for EU financial institutions since the regulation came into force in January 2025.
|
By Razorthorn
By James Rees, MD, Razorthorn Security The artificial intelligence revolution isn’t coming. It’s here and it’s moving faster than anyone predicted. Children now trust ChatGPT more than their parents for information. AI-generated content is becoming indistinguishable from human work. Entire industries are being reshaped by technology that seemed like science fiction just a few years ago.
|
By James Rees
The artificial intelligence revolution isn’t coming. It’s here and it’s moving faster than anyone predicted. Children now trust ChatGPT more than their parents for information. AI-generated content is becoming indistinguishable from human work. Entire industries are being reshaped by technology that seemed like science fiction just a few years ago.
|
By James Rees
Continuous Threat Exposure Management (CTEM) is gaining increasing recognition as a crucial component for mature cybersecurity programmes. Both Gartner and Forrester have highlighted CTEM as “a strategic imperative,” underscoring its importance in addressing modern cyber risks. This recognition is well founded, as demonstrated by recent cyberattacks on major organisations including Marks & Spencer, Co-op, Harrods, the NHS and American healthcare institutions.
|
By Razorthorn Security
This episode looks at what happens when AI starts finding vulnerabilities at scale, restricted access creates market imbalance, and security teams struggle to keep pace. It covers fragile infrastructure, bug brokers, overloaded analysts, CISO fear, and the growing sense that cyber defence is entering a faster and harsher era.
|
By Razorthorn Security
Every organisation depends on data, which makes information security central to how the business survives and grows. The clip argues that security leaders should stop shrinking themselves in front of boards, stop catastrophising without answers, and take their place as serious decision makers.
|
By Razorthorn Security
The future is bigger than arguments between cyber, privacy, AI and business continuity specialists. Organisational resilience offers a clearer way to think about protection, bringing these competing disciplines together under one practical goal.
|
By Razorthorn Security
Anthropic's Project Glasswing and Mythos Preview model represent a seismic shift in cybersecurity. This AI is specifically tuned for vulnerability discovery, code review and security hardening at unprecedented speed. In this episode of Razorwire Raw, Jim Rees breaks down what Project Glasswing actually means for information security professionals and the concerns nobody's talking about yet.
|
By Razorthorn Security
Security teams often buy tools the way someone buys marathon gear, hoping the equipment alone will make them ready. Real security needs commitment, routine, leadership and follow through, because preparation is what matters when the hard day arrives.
|
By Razorthorn Security
Claims about being GDPR compliant often come from people selling certainty where none exists. The point is not to buy a magic fix or a shiny platform, but to recognise that data protection is ongoing work, not a finished state you can simply declare.
|
By Razorthorn Security
People entering InfoSec face a flood of opinions, hot takes and polished content from voices who have not done the real work. The clip calls out false prophets and influencers who sound credible online, while making it harder for newcomers to tell genuine expertise from noise.
|
By Razorthorn Security
One of the biggest security problems is speed, not a lack of tools. Constant pressure, tired judgement and endless cognitive load make people more likely to miss phishing, mishandle data and make poor decisions, so slowing down becomes a practical security control.
|
By Razorthorn Security
AI systems treat almost everything as a possible input channel, from PDFs and PowerPoints to text, music and more. Without a real separation between control plane instructions and data plane content, the attack surface keeps growing faster than most security programmes can contain.
|
By Razorthorn Security
People are installing powerful AI agents on everyday laptops without realising those tools can access files, emails and operating system functions. Once prompt injected, that agent can behave like a malicious version of its user, which turns convenience into a direct path for deletion, exfiltration and loss of control.
- April 2026 (19)
- March 2026 (24)
- February 2026 (23)
- January 2026 (20)
- December 2025 (23)
- November 2025 (27)
- October 2025 (24)
- September 2025 (20)
- August 2025 (23)
- July 2025 (24)
- June 2025 (20)
- May 2025 (13)
- April 2025 (16)
- March 2025 (20)
- February 2025 (17)
- January 2025 (19)
- December 2024 (16)
- November 2024 (8)
- October 2024 (17)
- September 2024 (16)
- August 2024 (20)
- July 2024 (19)
- June 2024 (13)
- May 2024 (20)
- April 2024 (24)
- March 2024 (18)
- February 2024 (17)
- January 2024 (16)
- December 2023 (21)
- November 2023 (20)
- October 2023 (15)
- September 2023 (23)
- August 2023 (17)
- July 2023 (19)
- June 2023 (24)
- May 2023 (19)
- April 2023 (10)
- March 2023 (21)
- February 2023 (23)
- January 2023 (1)
- December 2022 (2)
- November 2022 (13)
- October 2022 (4)
- September 2022 (1)
- August 2022 (3)
- July 2022 (4)
- June 2022 (2)
- April 2022 (3)
- February 2022 (3)
- January 2022 (4)
- October 2021 (1)
- August 2021 (2)
- July 2021 (3)
- June 2021 (5)
- May 2021 (5)
- April 2021 (1)
- March 2021 (1)
- October 2020 (1)
- May 2020 (1)
- April 2020 (1)
Razorthorn has a single purpose: to defend business-critical data and applications from cyber attacks and internal threats. Founded in 2007, Razorthorn has been delivering expert security consulting and testing services to some of the largest and most influential organisations in the world, including many in the Fortune 500.
Leaders in Cyber Intelligence:
- Cyber Security Consultancy: Delivering professional and dedicated consultants to our clients, we are specialists in all areas of cyber security consulting. Whether you need help with cyber security compliance or require CISO services, we work closely with our clients to provide short term or ongoing support, in line with your requirements and budget.
- Cyber Security Testing: It is essential to test your cyber security posture regularly, whether it’s a requirement for compliance or to ensure you are getting value for money from your cyber security solutions. In addition to pen testing, Razorthorn offer a comprehensive suite of cyber security testing services to ensure your data and business reputation is as secure as possible.
- Managed Services: We provide 24/7 managed cyber security services, working as an extension to your in house team or as your dedicated managed services partner. You will benefit from the skills and expertise of our team, the cost efficiency and flexibility that comes with outsourcing to a specialist service provider.
- Cyber Security Solutions: We work in partnership with hand-picked, industry leading solution providers, carefully selected for quality, effectiveness and to complement the services we offer.
Defending businesses against cyber attacks since 2007.