Emerging threats
How to prevent data breaches caused by human error
Human error contributes to up to 95% of data breaches, according to a recent 2024 study by Mimecast. Despite sophisticated cybersecurity tools, a single misdirected email, weak password, or accidental data exposure can lead to severe financial and reputational damage.
Why due diligence is a key component of a robust Information Security strategy
Due diligence is not just a regulatory requirement but a fundamental component of a robust information security strategy.
When did you last audit your suppliers?
Many organisations overlook a proactive approach to supply chain management until they experience a data breach or other cyber incident—which can be a very costly mistake.
Supply chain assurance and effective Business Continuity
Explaining how digital incidents severely impact the real world can be difficult, but we are increasingly seeing cyber incidents that illustrate how malicious actors can impact our daily lives.
Why do I need an information security gap analysis?
If you’re responsible for or involved with Information Security in your organisation, when you’re planning for the year ahead, your risk and compliance activities likely have a prominent space on your to do list.
Are you on track for ISO 27001:2022?
On 31 October 2025 the 2022 edition of ISO 27001 will supersede the previous versions and you’ll need to prove your compliance to the updated Standard.
Supply chain: Is your security entirely in your hands?
In short, the answer is no. There’s a reason Verizon coined the term, ‘supply chainpocalypse’ in their 2022 Data Breach Investigations Report.
How to mitigate third-party digital risk
Every organisation is facing a myriad of third-party digital risks; whether that’s criminal-led (the most common), state-led, hacktivists or commercial espionage driven.
When is a good time to do a cyber maturity assessment?
Most of us love data, especially when it gives us a sense of progress. I say this as a confirmed FitBit tragic who lives for yet another point on my ‘cardio fitness’ score.
What’s the point of a cyber security maturity assessment?
At worst, information assurance consultancy can risk feeling like paying somebody merely to tell you what you already really know; or even performing work that, at least theoretically, you could do yourself.
The importance of Identity and Access Management
When we help our clients with their cyber and information security, one area that we sometimes find neglected is identity and access management (IAM).
Information security and the supply chain
As best practice, being able to address security requirements with your critical service providers is consistently included in all of the major cyber security standards.
