The SRM Blog

cyber security

Phishing is still the main attack method for hackers, according to new report

A report from Cloudflare shows phishing emails remain the primary attack vector. Global cloud platform Cloudflare has published a new study, analysing 250 million malicious emails sent between..

ISO 27001 & PCI DSS: a two-pronged approach to robust information security

Using both standards together helps your business manage risks and improve resilience. ISO 27001 and PCI DSS are powerful tools for establishing and maintaining comprehensive, robust security practices. While..

Alan Batey becomes PCI Qualified Security Assessor

We are pleased to announce that Security Risk Management’s Alan Batey is now a PCI Qualified Security Assessor. Alan, who is a vastly experienced Computer Forensic Analyst and former..

Security Risk Management joins Arcanum Group

We are pleased to announce that leading UK consultancy, Arcanum Information Security, has acquired a controlling interest in SRM in a move that will see the two businesses align at..

Why you need to keep your patch management on point

There are three things that are certain in life: death, taxes and software updates rearing their heads at the most inconvenient time! We all know that feeling of preparing..

Cybersecurity performance: how should a business be measuring the success of its cybersecurity activity?

Measuring your cybersecurity performance is key to protecting your vital business assets. When it comes to business performance, knowledge is power. Performance elements which are actively monitored and measured..

The power of 2FA: value, requirements and mandating

Two Factor Authentication (or 2FA) is already a strong recommendation in many security frameworks. But could it soon become a requirement? Back in May of last year, US President..

Give the board of directors what they want: how to showcase the value of effective cybersecurity with hard evidence rather than horror stories

It’s a core tenet of responsible information security to avoid scaremongering – even though the stories of damaging hacks, data breaches and system meltdowns can be powerful indeed. Instead,..

The growing problem of supply chain attacks. Where to start with your defences

The Kaseya breach is a sober reminder of the importance of cybersecurity across the whole supply chain. As a remote management software provider to thousands of IT support firms,..

Shaping up your organisation’s security with Cyber Essentials certification

To everyone who used the Covid lockdowns to learn a new language, redecorate their home or train for a marathon, we salute you. But the reality is that many..

Cyber Essentials vs ISO 27001: here’s what you need to know

Sometimes in business, simply doing the right thing isn’t enough; there are times an organisation needs to prove its credentials to the world. This is certainly the case when..

Still trying to take care of business? We’re with you all the way

I hope that you have now settled into your new working routine. Although it might not be business as usual for the foreseeable future, the importance of your information..

Raising awareness of Information Security in the workplace

We all know that the national speed limit on a motorway is 70 mph and understand the potential consequences of exceeding it. So, why does almost everyone admit to..

Cyberfest 2019: you don’t have to play the victim

The second annual Cyberfest is a great opportunity for the North East cyber community to come together, share best practice and generally make some noise about information security. I’m..

So, you want to work in cyber security?

There are no stereotypes in cyber security. But what is an information security consultant, what do they do and why might you want to be one?

It’s not a Dark Art: how we demystify cyber security

It’s easy to see why many people think cyber security is a mysterious Dark Art. After all, it has a language of its own, full of acronyms, jargon and..

Schools are being targeted by cyber criminals: 6 ways to shore up online defences

In 2017 the Independent Schools’ Bursars Association (ISBA), which supports over 1,000 senior management staff in schools, stated that cyberattacks in schools can no longer be considered ‘isolated incidents’...

Security by Design.. a little thought can save a great deal of expense!

Security consultants talk about “Security by design” … and to be fair, most of us believe in it! The trouble is that to much of society, it is at..

Ransomware – Could it be you?….

Complacency has always been the enemy of safety; in today’s world, we are all vulnerable! The digital (cyber) environment may sometimes be opaque and difficult to understand, but it..

EU Cyber Security Directive on Essential Services

Whatever the result of the EU Referendum, there are some aspects of our relationship with Europe that are unlikely to change, as long as we continue to engage in..

Navigating the minefield of info-security compliance

A company trying to navigate the minefield of info-security compliance may think of it as a daunting task. On one side is PCI DSS and Data Protection while on..

The Dark Web

Search Engines like Google and Safari only have access to about 4% of the information on the web. The other 96% is what is referred to as the Deep..

Cyber Security health tips for the New Year

As New Year resolutions go, enhancing personal cyber security may not be as high on people’s lists as that resolution to take out a new gym membership or embark..

The TalkTalk Breach – A Lesson for Us All

By Tom Fairfax, Managing Director, SRM. Whilst everyone has a responsibility to manage their Cyber Security to the best of their ability, no-one is completely safe and despite their..

How to protect your data in free public WiFi hotspots

In an ‘ethical experiment’ conducted earlier this year, a primary school child hacked into a free public WiFi hub in just over ten minutes. The young hacker, a seven-year-old..