Cybersecurity
Collection

Cyber resilience is an organisation’s ability to detect, prevent, respond to, recover from and learn from cybersecurity disruptions. Our cybersecurity collection explores common issues and trends, and what organisations must do to prepare proactive and reactive solutions and keep their assets safe.

Featured Insights

The Innovation vs. Technical Debt Tug of War
Technology leaders are exploring new ways to drive innovation and maximise the value of IT in a changing world driven by disruption and a need for...

New White House Cybersecurity Strategy Creates Additional Concerns for Businesses
The White House recently released a comprehensive national cybersecurity strategy that is sure to have a major impact on government agencies as well...

ISO 27001: 2022 - Key Changes and Approaches to Transition
This article will address the changes and updates to ISO 27001 standard published on October 25, 2022, and the approaches organizations can take to...

Podcast | IT Audit Perspectives on Today’s Top Technology Risks
The greatest IT audit concerns lie with cybersecurity-related breaches and related risk issues. Data governance and data integrity are being...

Managed Security Services

A Guide to pen testing and red teaming: What to know now
Penetration testing and red teaming are essential cybersecurity practices that bolster an organization’s security posture by uncovering...

Achieving Diversity’s Benefits in Cybersecurity
Could any security organisation benefit from greater innovation? Or from responding more effectively to diverse internal customers? How about...

Protecting the Enterprise: How a Well-Designed Security Analytics Programme Can Help
The purpose of security analytics in an organisation
Security metrics and the analysis of security information can be challenging concepts even for...

How can an enterprise use access management to establish a Zero Trust environment?
A hybrid RBAC, ABAC and PBAC framework is the best practice approach
A strong access management programme is foundational to establishing a Zero...

Data Protection

The Evolution of Attacker Behavior: 3 Case Studies
This blog post was authored by Mike Ortlieb, Director, Security and Privacy and Chris Porter, Associate Director, Security and Privacy on ...

For $62.59, the 8 Character Password is Still Dead
Five years ago, we wrote a post called “The 8 Character Password is Dead,” which was an in-depth look at password cracking in 2017 and how eight...

PCI Security Standards Council Publishes New Versions of Self-Assessment Questionnaires
On April 29, 2022, the PCI Security Standards Council (PCI SSC) released new versions of the PCI DSS Self-Assessment Questionnaires (SAQs) ahead of...

PCI Security Standards Council publishes updated data security standard
DSS 4.0 addresses rapidly evolving threat environment and provides flexibility for how organisations can achieve compliance
On March 31, 2022, the...

Security Resilience

Cyber risk quantification for chaos management
The most important use of any risk assessment tool is that it must contribute to better decision making on how to manage individual risks. Whether...

Metrics’ role in cyber transformation
We’ve all heard the saying, “what gets measured gets done,” meaning that regular measurement and reporting helps to keep organisations focused on the...

Creating a resilient cybersecurity strategy: The governance lifecycle approach
Cybersecurity governance should do more than manage cyber risk. Good cybersecurity governance creates efficiencies by clarifying the...

Enhancing cyber capabilities using a threat-driven strategy
Senior leaders focused on cybersecurity recognise there is considerable guidance, best practices, frameworks, regulations and varied...

Security Architecture

Simple is secure: Streamlining smart contract design
For security teams looking to implement and design smart contracts, there are many intricacies and nuances that can be overwhelming. Using established...

Smart contracts part 1: What is a smart contract?
In recent years, there’s been considerable talk of blockchain and its use cases in the business world. While some of these topics have specific use...

Cybersecurity risk assessments vs. gap assessments: Why both matter
This blog post was authored by Rob Woltering - Associate Director, Security and Privacy on the technology insights blog.
As cybersecurity incidents...

3 Steps to Understanding IAM Challenges in Securing the DevSecOps Ecosystem
DevSecOps is an organisational software engineering culture and practice that aims at unifying software development (Dev), application security (Sec),...