By Razorthorn
Razorthorn has worked with a wide range of technically savvy clients who are confident they would spot a fake, but confidence is exactly what makes deepfake fraud so effective. In 2024, a finance manager at engineering firm Arup transferred $25 million to fraudsters after taking part in a video call with what appeared to be his CFO and several colleagues. Every person on that call was fabricated. None of it was real.
By Razorthorn
Your third party suppliers probably aren’t as secure as you think they are. SecurityScorecard’s 2025 Global Third Party Breach Report found that at least 35.5% of all data breaches in 2024 originated from third party compromises. That’s not a minor risk you can ignore. The numbers tell a stark story. But here’s what most organisations miss: the real figure is likely higher since many breaches aren’t disclosed or are mistakenly reported as internal incidents.
By Razorthorn
Let’s get right to it: Razorthorn Security helps organisations achieve and maintain PCI DSS compliance through expert consultancy, gap analysis and preparation for formal assessment and has been recognised by Gartner as a market leader in PCI DSS QSA services. If you’re handling payment card data, you’ll need qualified support to navigate the 500+ controls that PCI DSS demands.
By Razorthorn
Passwords were invented in the 1960s. Six decades later, we’re still using them to protect everything from email accounts to bank transfers to corporate networks. The problem isn’t just that they’re old technology, it’s that they were never designed for the world we live in now.
By Razorthorn
Guest post by Capsule. Cyber insurance has rapidly evolved from being considered a specialist offering to a critical pillar of modern risk management. Yet many businesses still misunderstand what it covers and, just as importantly, what it doesn’t do.
By Razorthorn
When it comes to cyber insurance for SMEs, many small and medium-sized enterprises believe that cyber insurance feels like an optional extra, not a necessity, something to worry about later. This risk-taking attitude is often driven by various common misconceptions: The opposite is often true. Smaller businesses are frequently seen as easier targets due to limited budgets, lean security teams, and less mature cyber defences.
By Razorthorn
By James Rees, MD, Razorthorn Security. The Digital Operational Resilience Act (DORA) isn’t just another regulatory hurdle to clear. It’s fundamentally changing how financial institutions think about operational risk, particularly when it comes to the third party providers that now handle much of their critical technology infrastructure. DORA third party compliance has become a critical priority for EU financial institutions since the regulation came into force in January 2025.
By Razorthorn
By James Rees, MD, Razorthorn Security. The artificial intelligence revolution isn’t coming. It’s here and it’s moving faster than anyone predicted. Children now trust ChatGPT more than their parents for information. AI-generated content is becoming indistinguishable from human work. Entire industries are being reshaped by technology that seemed like science fiction just a few years ago.
By James Rees
Continuous Threat Exposure Management (CTEM) is gaining increasing recognition as a crucial component for mature cybersecurity programmes. Both Gartner and Forrester have highlighted CTEM as “a strategic imperative,” underscoring its importance in addressing modern cyber risks. This recognition is well founded, as demonstrated by recent cyberattacks on major organisations including Marks & Spencer, Co-op, Harrods, the NHS and American healthcare institutions.
Should organisations pay ransomware demands? Canvas recently paid after a breach exposed student data. Now US Congress is questioning whether payments should be illegal. In this episode of Razorwire Raw, James Rees tackles the ransomware payment dilemma. Ransomware groups operate like commercial organisations: if they didn't honour agreements to delete data after payment, nobody would pay them. Some negotiators have been caught telling attackers what insurance payouts will cover.
It took 10 minutes and a free online tool to deepfake Jim’s voice, with no expertise and no cost involved.
Cyber warfare is no longer theoretical. Nation states are actively targeting critical infrastructure, utilities and government systems. AI is accelerating offensive capabilities and most organisations aren't prepared. In this episode of Razorwire Raw, James Rees discusses the reality of cyber warfare and what's coming. State-sponsored attacks and government-backed cyber operations are already happening at scale.
People stop answering the phone when every call sounds like the same recycled script pushed through the same tired sequence. Different buyers want different approaches, so if you cannot explain your value clearly and naturally, the call is over before it starts.
OpenAI just announced Daybreak, their cybersecurity AI model with three tiers of access. GPT-5 handles general work. GPT-5.5 does secure code reviews, vulnerability triage, malware analysis and patch validation. GPT-Cyber handles red teaming and penetration testing. In this episode of Razorwire Raw, James Rees explains what Daybreak means for the cybersecurity industry and why vulnerability scanning companies, pentesting firms and security tool vendors should be concerned.
Sales desperation often starts higher up the chain, where investor pressure, weak go to market planning and unrealistic growth targets shape bad behaviour. When companies measure the wrong things, they create scripted, frantic sales motions that annoy buyers and burn trust fast.
By Razorthorn Security
Technical skill opens doors, but communication is what gets ideas accepted by leadership. In cybersecurity, the real challenge is often turning complex risk into clear business language that a CEO, CTO or CFO understands straight away.
By Razorthorn Security
Bad sales habits often come from low effort, low curiosity and people who stop learning once they land the role. When sales becomes lazy, every decent salesperson has to fight twice as hard to rebuild trust with buyers who are already tired of being spammed.
By Razorthorn Security
The biggest mistake is assuming persistence alone will win the deal. Repeating the same message and listing product features without understanding the real pain points makes the whole approach feel tone deaf from the start.
By Razorthorn Security
Nothing kills trust faster than pitching services to someone who already does that work for a living. If your outreach is auto generated, poorly targeted and built on zero research, most CISOs will write you off before you ever get a second chance.
Razorthorn has a single purpose: to defend business-critical data and applications from cyber attacks and internal threats. Founded in 2007, Razorthorn has been delivering expert security consulting and testing services to some of the largest and most influential organisations in the world, including many in the Fortune 500.
Leaders in Cyber Intelligence:
- Cyber Security Consultancy: Delivering professional and dedicated consultants to our clients, we are specialists in all areas of cyber security consulting. Whether you need help with cyber security compliance or require CISO services, we work closely with our clients to provide short term or ongoing support, in line with your requirements and budget.
- Cyber Security Testing: It is essential to test your cyber security posture regularly, whether it’s a requirement for compliance or to ensure you are getting value for money from your cyber security solutions. In addition to pen testing, Razorthorn offer a comprehensive suite of cyber security testing services to ensure your data and business reputation are as secure as possible.
- Managed Services: We provide 24/7 managed cyber security services, working as an extension to your in house team or as your dedicated managed services partner. You will benefit from the skills and expertise of our team, and the cost efficiency and flexibility that comes with outsourcing to a specialist service provider.
- Cyber Security Solutions: We work in partnership with hand-picked, industry leading solution providers, carefully selected for quality, effectiveness and to complement the services we offer.
Defending businesses against cyber attacks since 2007.