Trust our Experience-Get the Best Services
Author of the Month: Andrew Pattison
ISO 27001

Author of the Month: Andrew Pattison

This month, we are celebrating author Andrew Pattison! His book: NIST CSF 2.0 – Your essential introduction to managing cybersecurity risks was published in February 2025 and covers the latest updates to the NIST framework.   The NIST CSF (Cybersecurity Framework) 2.0 is designed to help organisations prevent and protect themselves from cyber attacks. This book will help you understand how to: About the author: Andrew Pattison is the global head of GRC and PCI consultancy at GRC International Group, a GRC Solutions company. He has been working in information security, risk management and business continuity since the mid-1990s, helping
The post Author of the Month: Andrew Pattison appeared first on IT Governance Blog.

Read More
Digital life protection: How Webroot keeps you safe in a constantly changing world
cyber resilience

Digital life protection: How Webroot keeps you safe in a constantly changing world

Nearly every aspect of life is connected to the internet, so protecting your devices, identity, and privacy has never been more critical. Cyber threats are no longer just the occasional virus or suspicious email. Phishing scams, ransomware attacks, data breaches, and identity theft are part of a growing list of online dangers that are a […]
The post Digital life protection: How Webroot keeps you safe in a constantly changing world appeared first on Webroot Blog.

Read More
Why You Need Cyber Resilience and Defence in Depth
Expert insight

Why You Need Cyber Resilience and Defence in Depth

And how to become resilient with ISO 27001 and ISO 22301 Unfortunately, even the most secure organisation can suffer an incident. The odds are simply stacked against you: While you need to protect all your assets from all types of threat, an attacker needs only one exploitable weakness to get into your systems. Plus, any security measure you implement is only designed to stop, at most, a handful of threats – and that’s assuming it was both correctly implemented and still doing its job. Regardless of implementation, single measures aren’t enough – because no measure is foolproof. The consequences of
The post Why You Need Cyber Resilience and Defence in Depth appeared first on IT Governance UK Blog.

Read More
CrowdStrike: Lessons on the Importance of Contracts, Insurance and Business Continuity
Expert insight

CrowdStrike: Lessons on the Importance of Contracts, Insurance and Business Continuity

Mitigating supply chain risk After widespread coverage, the CrowdStrike outage from 19 July 2024 hardly needs an introduction. But as a reminder, here are some key facts about the CrowdStrike incident: Without question, this is one of the most expensive IT outages to date, with significant global impact. To find out more about what we can learn from the event, and protect ourselves from ‘Strike 2’, we talked to our information security manager, Adam Seamons. In this interview A low-tech but laborious fix The full financial impact of the CrowdStrike incident is becoming clearer, and the figures are staggering. The
The post CrowdStrike: Lessons on the Importance of Contracts, Insurance and Business Continuity appeared first on IT Governance UK Blog.

Read More
A Practical Guide to Cyber Incident Response
cyber resilience

A Practical Guide to Cyber Incident Response

Expert insight from our cyber incident responder Cyber attacks and data breaches are a matter of when, not if. No single measure is 100% foolproof. A determined attacker will always be able to find their way around your defences, given enough time and resources. Furthermore, as Vanessa Horton, our cyber incident responder, pointed out in an interview about anti-forensics: The cyber world is changing all the time, which means we’re playing a bit of a cat-and-mouse game. Basically, as one side improves, so does the other. In this interview, I pick her brain on cyber incident response more generally, gaining
The post A Practical Guide to Cyber Incident Response appeared first on IT Governance UK Blog.

Read More
Expert Insight: Adam Seamons on Zero-Trust Architecture
cyber resilience

Expert Insight: Adam Seamons on Zero-Trust Architecture

How networks have evolved and how to secure them Adam Seamons is the information security manager of GRC International Group PLC, after more than 15 years’ experience working as a systems engineer and in technical support. Adam also holds CISSP (Certified Information Systems Security Professional) and SSCP (Systems Security Certified Practitioner) certifications. We sat down to chat to him. What trends in network security have you noticed recently? One of the big impacts to networks has come from the changes in technology, particularly in terms of the Cloud. Networks have moved from self-contained, on-site setups to multiple Cloud services that
The post Expert Insight: Adam Seamons on Zero-Trust Architecture appeared first on IT Governance UK Blog.

Read More
The Third-Party Threat for Financial Organisations
Cyber Security

The Third-Party Threat for Financial Organisations

DORA’s supply chain security requirements IT Governance’s research for November 2023 found that 48% of the month’s incidents originated from the supply chain (i.e. were third-party attacks). For Europe, this number rises to 61%. Admittedly, it only takes a comparatively small number of supply chain attacks to skew the number of incidents. It’s in their nature for one attack to compromise potentially hundreds or even thousands of organisations. However, that doesn’t stop the numbers from being worrying. It can be challenging to secure your supply chain – organisations tend to simply trust that the products and services they use are
The post The Third-Party Threat for Financial Organisations appeared first on IT Governance UK Blog.

Read More
X