Security Guidance
Practical cyber security guidance to support safe, secure working for all organisations, covering everyday risks, controls and good practice.

Cyber Tabletop
Cyber tabletop exercises are one of the simplest ways to understand how an organisation would respond to a real incident – before one happens. Most organisations have plans. Incident response, business continuity, disaster recovery. On paper, they often look complete. The difficulty is knowing whether they hold up once people have to use them under…

Password Best Practices
Passwords are still one of the most common ways systems are accessed, and one of the most common ways they’re compromised. The issue isn’t usually awareness; it’s habit, and more specifically the habits that well-intentioned rules have encouraged. Complex character requirements and frequent resets often lead to predictable patterns and passwords that look strong but aren’t.…

Phishing and Social Engineering
Most successful attacks don’t begin with sophisticated technical exploits. They begin with a message (an email, a text, a phone call) designed to make someone do something they wouldn’t otherwise do. Phishing and social engineering remain among the most effective methods available to attackers precisely because they target human judgement rather than technical defences. The…

What is Ransomware?
Ransomware remains one of the most disruptive cyber threats organisations face. Its impact is rarely limited to IT systems. When it lands properly, it affects operations, delivery, and in some cases the organisation’s ability to function at all. Most organisations are aware of ransomware. Fewer have a clear sense of how it would play out…
