- Six Reasons to Conduct a Penetration Test
A penetration test, commonly known as a pen test, is an authorised and co-ordinated simulated attack on an organisation’s network and infrastructure. Penetration tests involve experienced security consultants actively attempting to penetrate and exploit your organisation’s assets. We discuss what the main reasons are organisations conduct a penetration test.
- MSPs in Partnership: Is outsourcing your SOC the best option for your business?
Most companies are aware that monitoring cloud and physical-location IT infrastructure are important to flag potential cyber-attacks and prevent them. We discussed why SOC security is important and how to go about owning your own internal SOC.
- Secure by design
We discuss taking the ethos of ‘secure by design’ and applying it to an entire business. We use our own business as an example.
- Phishing 101
We discuss phishing in the IT world. We talk about what it is, what the various types of phishing are, and discuss a very real-world example.
- The story of the vCISO
We discuss what a virtual Chief Information Security Officer, often called a vCISO, is. We explore why to use one, the benefits of doing so, and what the role typically includes.
- Why your security awareness training isn’t working – and how to fix it
There are good and bad ways to go about cyber security awareness training and cultural change. We discuss some simple secrets behind great training.
- What’s your ANGLE on IT Security Services?
There are many approaches to mitigating risks. We discuss a simple framework based around the acronym ANGLE.
- Security Supplier Relationship Counselling
Outsourcing your security function is incredibly valuable for companies without the size or resources to sustain a dedicated in-house function. We discuss how having a dedicated SOC monitoring systems and providing incident response capabilities 24/7 is an expensive proposition when it is only for a single company. We cover how handing it over to an IT Security Services provider is obviously an attractive option.
- Time is Money: Issues faced in building your security stack
One of the biggest problems with building a security stack over a period of time is that you wind up with all sorts of services in it from different sources. Given that money is a rather important part of doing what you do, you might want to take a step back and ask yourself whether what you have rolled out to protect your network is really the best for the network, and for you managing it.
- Why follow a Security Framework?
Most organisations rely on technology in some way, shape or form to carry out their business. We discussed that the best way you can ensure technology can go back to being something that makes your life easier (rather than causing you more problems) is to follow a Security Framework, such as Cyber Essentials
- IT Security Services and THE LIST
It’s IT Security Services month at ALLOWLIST and throughout April we will be bringing you insights and thoughts from the very best providers of IT Security Services that THE LIST has to offer! As well as covering the basics, we will be bringing together IT Security Services and Solution providers and their collective experience from across the ALLOWLIST community.
- Who You Gonna Call?
There are a lot of good security service providers on the market right now, and it can be difficult to choose which organisation is the right one to work with. We discuss some of our top tips to help you narrow down your search and choose the right security services partner for your business.