Are you ready to close this book? What a journey 2021 has been. We’ve thoroughly enjoyed seeing our customers face-to-face and online, and building stronger relationships by understanding their challenges, because it’s what we do! 2021 did read like a thriller of phishing scams and ransomware attacks. And as a typical thriller, some […]
We often hear the question: “Should we perform Red Team Testing without a Blue Team?” The answer is yes. Let’s explain by starting with a reminder of the objective of performing Red Team Testing – to verify the effectiveness of the security controls implemented in the organisation’s people, process, facilities and technology. […]
More often than not, when organisations are directed by the board to deploy a Red Team test, there is confusion about what the testing should encompass. Many think Red Team testing is just a robust penetration test, but in fact the two have many differences. Although there are some similarities, they differ not only in terms […]
Typically, ROI is seen as money spent vs money received to see if the investment is profitable. In this case, it is the security testing investment vs savings (average cost of a breach minus security testing cost). If you are curious about why a red team test improves testing ROI and how to gain an […]
There is no doubt that the number of qualified and available cyber security experts is decreasing. A study by the Center of Cyber Safety and Education identified that there may be close to 100,000 unfilled UK cyber security jobs by 2022. With this staggering statistic, it’s no wonder many organisations battle to fill the […]
Software companies have naturally embraced the cloud. It provides countless benefits for their clients, ranging from the lack of installation or maintenance of on-premises solutions to the ease of scalability. However, with benefits come risks as it provides Threat Actors with a single, centralised internet-facing target. Consequently, security becomes paramount. If you are a SaaS […]
This is a guest article written by Ty Brush. The author’s views are entirely his own and do not necessarily reflect the views of Risk Crew. Enjoy! Many European and UK organisations are already ISO 27001 (Information Security Management) certified, and rightfully so as the International Information Security Standard (ISO 27001) serves as the principal cyber security standard […]
Introduction: Whitelisting is a cyber security strategy where a user granted administrative rights could take action on their computer. However, rather than attempting to keep one step ahead of attackers to recognise and block malicious code, the IT staff would rather compile a list of approved applications that a computer or a mobile […]
As expected, in Q2 this year, cyber criminals shifted their focus to cloud-based apps. A report by Netskope revealed that 68% of all downloads with malware attached were distributed from cloud apps. Now that companies rely heavily on cloud-based services for connectivity and collaboration to support working-from-home environments, attackers are turning […]
So, here is the scenario: you’re sitting at your desk working away and suddenly realise an attacker has taken over your screen. The threat actor is now demanding a hefty payment in exchange for releasing access to the system. You immediately report the incident to the Chief Information Officer and wait nervously to see what […]