Blog

As threats in the digital realm evolve, the NIST Cyber security framework (CSF) 2.0 serves as a crucial resource to help businesses of all sizes, across industries to reinforce their defences against cyber security threats. This updated guidance focuses on a comprehensive set of standards, guidelines, and best practices and aims to streamline risk...

CrowdStrike’s new 2024 Global Threat Report has been creating some buzz around the latest trends in the cyberattacks, and we are here to make the key takeaways from the main topics that were talked about in the report more accessible to you. To summarise, the cyberattacks ecosystem have been increasing and here are certain figures to keep in mind-...

Open-source intelligence (OSINT) is the practice of gathering, analyzing, and using information from publicly available sources. This can include data from websites, social media, news articles, government reports, and other sources that can be legally and ethically collected and analyzed. An OSINT exercise is a structured process of collecting and...

A penetration test, also known as a “pen test” or “ethical hacking,” is a simulated attack on a computer system, network, or web application to identify and exploit vulnerabilities. The goal of a penetration test is to assess the security of a system by attempting to gain unauthorised access, and to identify and evaluate potential vulnerabilities. Benefits...

A checklist that you can use to help achieve SOC 2 compliance: Review and understand the SOC 2 Trust Services Criteria (TSC) and select the appropriate type of SOC 2 report (Type 1 or Type 2). Most organisations start with Type 1 and Security (mandatory), Confidentiality and Availability. Conduct a risk assessment to identify and evaluate the potential...