Zero Trust & ZTNA

Tony MasonCASB Cloud Application Security, Cyber Security, Data Protection, MFA, Web Security

Zero-Trust is a security framework of products or services that removes inherent trust from your organisation. Instead it requires strong, regular authentication/authorisation of all devices and users, together with context & policy adherence. Zero-Trust Network Access (ZTNA) is a term coined by Gartner. It uses the concept of ‘Zero Trust’ in the control of access to the company’s resources at … Read More

Vulnerability Scanning

Tony MasonAPI Security, Data Protection, Penetration Testing, Vulnerability Management & SIEM, Vulnerability Scanning

Why scanning more often could deliver surprising benefits you may not have considered. Can I just scan once per year, like with a penetration test? Penetration tests are uniquely effective in uncovering highly complex vulnerabilities in web applications: those which may require detailed human awareness and context in order to detect. However, whilst irreplaceable, penetration tests can also be relatively … Read More

Protect your Office 365 users & business against evasive phishing attacks.

Tony MasonData Protection, Email Monitoring, Office 365 Security, Security Awareness & Phishing

One of the key challenges organisations are currently struggling with, or have seen, is an increase in Evasive Phishing. In addition, Impersonation Attacks and Business Email Compromise are also a problem.  All of these are getting past traditional gateway and perimeter security solutions. The sophistication of these attacks makes them increasingly successful in avoiding detection and fooling your employees.  This … Read More

Data BackUp – Is Your Microsoft 365 Data Safe & Secured?

Tony MasonData Backup, Office 365 Security

With the increased adoption of Microsoft 365, many organisations assume that data backup is included in Microsoft 365.  As a platform, it is secure. However, your data isn’t backed up in a way that you would require.  Microsoft will not cover any data loss caused by your own internal errors. Nor from malicious actions, ransomware or any other cybercrime event.  Microsoft … Read More

Cybersecurity Awareness Month

Tony MasonSecurity Awareness & Phishing

October is Cybersecurity Awareness Month, which is now in its 18th year. Its primary focus continues to help raise awareness about the importance of cybersecurity, ensuring everyone has the resources they need to be safer and more secure online.    The Themes this year are: Be Cyber Smart Fight The Phish Explore, Experience, Share (Cybersecurity Career Awareness Week) Cybersecurity First KnowBe4 … Read More

UBA vs UEBA and SIEM

Tony MasonVulnerability Management & SIEM

What is UEBA? What is the difference between UBA vs UEBA and how does it fit in with SIEM? User and Entity Behaviour Analytics (UEBA) focuses on analysing activity. Specifically user behaviour, device usage, and security events ­within your network environment.  It helps companies detect potential insider threats and compromised accounts. The concept has been around for some time. It … Read More

KnowBe4 National Cybersecurity Awareness Month Update

Tony MasonSecurity Awareness & Phishing

October is National Cybersecurity Awareness Month (NCSAM).  Therefore, to help celebrate, KnowBe4 has fresh content updates and new features. Plus they have a great security awareness resource kit. Check out your 2020 NCSAM Resource Kit from KnowBe4. Firstly this includes resources for your users like infographics, cybersecurity awareness tips and new posters. In addition they have their most popular security awareness assets and … Read More

Secure Your Cloud Infrastructure For Remote Workers

Tony MasonData Protection, Enterprise Security, Office 365 Security, SIEM, Vulnerability Management & SIEM

As working from home becomes more long-term, it’s important to secure your cloud infrastructure for remote workers. Cloud Infrastructure allows for great speed and ease of deployment. New infrastructure can be deployed in minutes.  The rate of change in cloud infrastructure is far quicker than with on-premise and it is so easy and quick to deploy. This is enabling businesses … Read More

Do You Evaluate Your Security Controls?

Tony MasonBreach & Attack Simulation, Enterprise Security

With many now working from home and businesses changing, are you sure your security controls are robust enough? When checking your security posture, be sure to ask the right questions. The only way you can really see if your security controls are working effectively is to test them.  There are many tools available to do this.  However, you need to … Read More

Should you phish test during the COVID-19 pandemic?

Tony MasonSecurity Awareness & Phishing

Phishing Templates

Perry Carpenter, KnowBe4 Chief Evangelist and Strategy Officer discusses the phishing dilemma, ‘Should you phish test users or not during the Covid-19 pandemic?’.  There’s no question, these are challenging times. Employees and organisations around the world are doing their best to keep everyone safe. Plus we are settling in to a new normal for accomplishing work from home. Tensions are … Read More