
IT Governance Blog | Cyber Security
IT Governance is a leading global provider of IT governance, risk management and compliance solutions, with a special focus on cyber resilience, data protection, PCI DSS, ISO 27001 & cyber security. In an increasingly punitive and privacy-focused business environment, we are committed to helping businesses protect themselves & their customers from the perpetually evolving range of cyber threats.
1M ago
The cost of living crisis is affecting us all. Energy bills are soaring, petrol prices have reached record highs and, as the BBC reported this week, even the humble cheese sandwich has been struck by inflation.
Despite these rising costs, one area that remains unchanged is digital transformation. Organisations worldwide are investing in technologies at an unprecedented rate, with an IDC study published last year reporting that digital transformation spending is expected to hit $3.4 trillion (£2.73 trillion) by 2026.
These estimates are driven by organisations’ desire to automate projects and t …
1M ago
Insider threats are one of the most difficult security challenges that organisations face. Staying safe isn’t simply about stopping criminal hackers from breaking into your systems, because the vulnerabilities are already inside your organisation.
A malicious threat can be an employee, contractor or business partner who is liable to leak sensitive information. Preventing this from happening requires a nuanced approach to information security, and it’s one that organisations are increasingly struggling with.
According to the 2022 Verizon Data Breach Investigations Report, insider threats account fo …
1M ago
Data minimisation is a key part of information security and the GDPR (General Data Protection Regulation) in particular.
Its principles are at the heart of effective data protection practices, and are intended to prevent privacy breaches and minimise the damage when security incidents occur.
What is data minimisation?
Data minimisation requires organisations to process personal data only if it serves a specific purpose, and to retain it for only as long as it’s needed to meet that purpose.
Article 5(1) of the GDPR provides further guidance, explaining that organisations should consider three f …
2M ago
Malware is one of the most common cyber security threats that organisations and individuals face. Whenever someone talks about their computer being infected, encountering bots or even falling victim to a scam email, malware is normally involved.
It’s why anti-malware software is usually considered a top priority for staying safe online. However, those tools are not flawless. For example, they can only spot known types of malware, and according to the AV-Test Institute, almost half a million new types of malware are detected each day.
But how exactly does malware work? In this blog, we explain …
2M ago
It’s almost time to wrap up your prized possessions and put them in a safe place, because this Friday marks World Backup Day.
The international event takes place on 31 March and aims to raise awareness of the importance of securing valuable data.
According to the event’s organisers, 21% of people have never made backups of important files, whether that’s family photos, business documents or work files.
It’s a baffling statistic, because digital media is ubiquitous in our everyday lives and there is always a chance of those files being compromised.
For instance, documents can be corrupted in a …
4M ago
Cyber incident investigation is one of the most crucial skills that an organisation can master.
With countless information security threats looming over your business, you need to understand that data breaches are inevitable. When you come to this realisation, you can implement an incident response plan that helps you identify and investigate security threats.
This ensures that you can respond promptly when disaster strikes, mitigating the damage, and saving your organisation time and money.
But how exactly should you investigate a cyber incident? We explain everything you need to know in this …
6M ago
Organisations that suffer security incidents are sometimes said to be victims of “cyber extortion”, but it’s often unclear what exactly that phrase means.
Most of us understand what cyber attacks and online scams are, and many people are familiar with ransomware, which is a type of cyber attack in which people are blackmailed into handing over money. But how does this differ from extortion?
Put simply, cyber extortion is an umbrella term for a variety of cyber crimes. It can be used whenever criminal hackers force victims to do something after compromising their systems.
Ransomware is a type o …
7M ago
Access control is often considered an essential component of information security, and for good reason. It’s one of the most basic steps that organisations can take to protect their sensitive data, and it’s also among the most versatile.
Restricting access to certain systems reduces exposure to several cyber security risks, and it also limits the possibility of malicious insiders wreaking havoc.
It’s why every organisation that stores sensitive information online must have access controls. But what exactly are they and how do they work? We explain everything you need to know in this blog.
How …
7M ago
Cyber attacks are like earthquakes. There is the immediate shockwave when an incident occurs, as you hurry to identify the source of the breach, plug the vulnerability and fulfil your immediate regulatory requirements.
Then come the secondary waves that produce new problems. For example, how have essential operations been affected, and what are you doing to protect and restore your reputation?
Organisations often overlook the damage that these lingering problems cause, and the consequences can be far more expensive than they bargained for. According to one report, organisations could spend £3 …
7M ago
One of the most common mistakes that organisations make when addressing cyber security is that they consider it a one-off event.
Whether they’re taking small steps, such as installing antivirus software, or large ones, such as a GDPR (General Data Protection Regulation) compliance campaign, they consider it ‘job done’ when the implementation project is complete.
That’s a problem when cyber risks are constantly evolving, as is the way your organisation operates. Weaknesses will quickly appear as criminal hackers discover new techniques and you move to new processes that create additional vulner …