This month we celebrate 8 years of 2|SEC Consulting. To reminisce, I have been looking at some penetration test reports we took on when we started out. Before you wangle the GDPR data retention carrot at me, these reports are of course redacted with information kept for statistical purposes only. What I’m seeing, is that […]
2|SEC Consulting – Happy 8th Birthday! Read More »
On Friday 9thAugust 2019, it went dark across many parts of the UK. Train networks stopped and communters were facing an inability to get home due to hours of cancellations, described by Bloomberg as a ‘once-in-a-decade blackout’. The cause? A seemingly unlikely event where two power stations simultaneously went offline. Just a few minutes of
Blackouts: Don’t leave your company in the dark Read More »
In July 2018, The Law Society and the National Cyber Security Centre released a joint report outlining the threats to the legal sector. The report confirmed what most of us working in the sector knew – that the industry has a low level of cyber maturity meaning that weak controls on one side, and the
Cyber Security within the Legal Sector Read More »
Penetration Testing, Pen Testing, Red Teaming, Security Assessment, IT Health Check and Ethical Hacking are common phrases that describe what we do, that ultimately all mean the same thing – whether or not a determined adversary can gain unauthorised access to your systems. This can be further broken down into Black, Grey and White box
Introduction to Penetration Testing Read More »
It has been estimated that becoming fully PCI compliant gets you no more than 47% of the way towards a recognised industry standard for information security. In this case, ISO 27001:2013. The chart below shows a comparison of how the PCI DSS requirements stack up to the ISO 27001 control objectives: While this is a
PCI DSS – A start, not the end, for the business Read More »
Supplier Due Diligence – do your existing suppliers take security seriously? As businesses become more reliant upon their suppliers within the digital age, it is essential that these relationships are reviewed and monitored to ensure security is being addressed and improved. Companies conducting new business will usually put their new suppliers through a vigorous due
Supplier Due Diligence – do your existing suppliers take security seriously? Read More »
2|SEC Consulting are a Strategic Sponsor of the 19th PCI London event in July 2019, where you can hear from our experts through our keynote presentation and meet the team. For over 20 years, AKJ Associates has provided exclusive networking events for senior security stakeholders and service suppliers around the globe. The 19th PCI London will look at the latest in the processes and technologies used to
2|SEC Consulting are a Strategic Sponsor of the 19th PCI London event in July 2019 Read More »
As the short days get colder, one threat to UK businesses gets greater. One of few weather’s in the UK that can bring businesses, schools, roads and transport to a standstill. The white, snowflakes that bring joy to children’s faces and terror to business owners. Within a few hours, the UK can come to a
The UK Snow Effect: Tips for Business Continuity Read More »
By gaining certification or aligning your business to ISO 27001 (Information Security Management), you are demonstrating that you have identified the risks, assessed the implications and implemented controls to limit damage to the organisation. As well as building the confidence of your clients and suppliers, you are also increasing the reliability and security of your
How do I achieve and maintain ISO 27001 compliance? Read More »
