
Why Assumed Breach Scenarios Matter in Modern Cybersecurity

The castle-and-moat model is simple: build strong perimeter defences, trust everything inside. Firewalls, VPNs, and access controls create a protective shell, and the business assumes safety within that shell. But today’s attackers don’t always need to scale the walls. They can: Once inside, attackers move laterally, escalate privileges, and seek valuable targets like domain controllers, email servers, and customer data.

Fantastic Notes and Where to Find Them

Notepad has been a fundamental tool since its debut in Windows 1.0 back in 1983. Over the years, it has served countless users for everything from jotting down quick notes to temporarily storing sensitive data such as passwords, phone numbers, and email addresses, due to its simplicity and ease of use. Many users, including myself, often rely on Notepad for this kind of temporary storage. It’s common to quickly paste sensitive information into a blank tab for convenience.

PCI DSS & penetration testing: Securing online retail transactions

The Payment Card Industry Data Security Standard, or PCI DSS, is a set of globally recognised requirements designed to ensure that all companies that process, store, and transmit credit card data continually maintain a secure environment. Whether you’re a small independent store or a large e-com brand, if your business handles payment data directly or through a payment gateway, PCI DSS applies to you.

vCISO or Fractional CISO: Which Is Right for Your Business?

A virtual Chief Information Security Officer (vCISO) is a senior cybersecurity leader who works remotely with your business, typically on a part-time, retainer, or per-project basis. They bring with them the expertise of a full-time CISO minus the expense of hiring one in-house. vCISOs tend to be brought in to help shape security strategy, manage risk, and guide businesses through compliance frameworks such as GDPR, ISO 27001, or Cyber Essentials.

Testing the Unthinkable: Real World Lessons from Red Team Operations: 15 May 2025

Dom Mortimer, Red Team Manager, explores how red teaming simulates real-world adversarial tactics to improve detection and response capabilities and build resilience. Using case studies, learn how red teaming drives measurable improvements, fosters collaboration with security teams, and enhances organisational security culture.

Why Internal Infrastructure Pen Testing is as Important as External

Penetration testing (or ‘pen testing’) is a critical cyber security practice that helps businesses identify and fix vulnerabilities before attackers can exploit them. However, most businesses prioritise external threats, such as phishing, malware, and network breaches, while overlooking threats and risks that exist within the network.