Cyber Security Blog

It is often assumed that cybersecurity training and awareness are a matter of concern only for large businesses and enterprises, as they are more vulnerable to threats and have more at stake than an inchoate or fledgling business. This is not entirely true.

29 October 2020

Organisations that are reviewing their cyber incident response plans, or even those that are looking to improve their cybersecurity maturity, need to focus on identifying their critical assets or Crown Jewels as one of their top three priorities. It's quite simple: you can't protect an asset you don't know you have!

In this blog, we cover:

27 October 2020

How customer/citizen data is processed and used is a highly regulated subject in many parts of the world. The GDPR is perhaps the most prominent and well-known example of data protection and digital privacy legislation. It has forced companies and governments the world over to treat citizen/customer data with the highest degree of sanctity. 

In this blog, we cover: 

1. Traditional data destruction techniques 
2. Home Office 2.0
3. The most viable new data sanitisation methods 
4. Remote Erasure
5. A Case Study from India

22 October 2020

There is no such thing as an "unhackable" system. In general, cybersecurity can be described as ensuring that there is no unauthorised access to an enterprise’s network, to applications, to databases and finally to all the data we want to keep safe and secure.

Perhaps, the most “secure” system would be one which does not have any network connection whatsoever. Even then, this system is still vulnerable to physical attacks, theft, or, in some cases, radio frequencies being used to spy on the computer system remotely, and even influence its behaviour.

In this blog, we cover: 

1. Why is network security complicated?
2. Core Concepts of Cybersecurity
3. Tenets for Success of Security Measures
4. Solutions to the Computer Network Security problem

13 October 2020

The Travelex cyber-attack (just like many others) contains overwhelming lessons about cyber incident response and cyber crisis management for those who wish to seek them out. We have collated information on the attack, based on media reports, for an easy understanding of the attack that can be applied to enhance organisational cyber resilience.

7 October 2020

The ultimate goal of any cybersecurity endeavour or cybersecurity training programme is to thwart an attack and to emphasise the need for training people and systems to recognise infiltration in time. A massive part of this endeavour is to properly evaluate organisational risk and implement a strategy to manage risk in the most optimal way possible.

In this blog, we cover: 

1. Five major pillars that are needed for managing cybersecurity Risk
2. Risk acceptance criteria & criteria for performing information security risk assessments
3. Risk Identification
4. How to approach and treat risk in Risk Management


16 September 2020

You’re aware that without a cyber incident response plan you’re exposing your business to incomparable risk. You also know that these response plans are reliable only if you test their validity and effectiveness on a regular basis with cyber crisis tabletop exercises (CCTE). But do you know what really happens during these cyber crisis workshops that makes them so critical to your business continuity?   

In this blog, we cover the following key aspects of an effective CCTE: 

15 September 2020

Every business needs a fit-for-purpose cyber incident response plan to enable them to rapidly and effectively respond to a cyber-attack. This blog provides ideas on how you can use our downloadable and free cyber incident response plan template to create your own plan.  

10 September 2020

In this article, we discuss combining Nmap and Metasploit to perform port scanning and enumerate vulnerabilities.

8 September 2020

If you’re a smart business owner or executive, you already know that you should peg your security infrastructure and the safety of sensitive data as top priorities. To ensure that your business is safe at all times and your crown jewels are protected against malicious activities, you need to have a solid cyber incident response plan and you also need to test that plan regularly with a cyber tabletop exercise.

8 September 2020

A successful cyber-attack can be the downfall of any well-positioned business. Data breaches not only cause significant financial losses but are also the leading cause of a bad reputation for victim companies.

Blockchain started out as the technology behind Bitcoin but has popularly grown into a promising mitigation technology for cybersecurity. 

In this blog, we cover: 

1. Recent Cybersecurity Trends & Stats
2. The Future of Attacks & Malware
3. What is Blockchain 
4. Use Cases of Blockchain for Cybersecurity 

4 September 2020

Project Management & Cybersecurity Training have become inextricably linked today. Successfully planning and executing a business/IT project for a client is almost impossible without being able to control the IT environment and security scenario in which the operations take place. 

In this blog, we cover why project managers need cybersecurity training:

4 September 2020

Artificial Intelligence (AI) and Machine Learning (ML) have become the kind of buzzwords that are used so often, it’s fair to say that they are almost abused. They are usually over-publicized and there are vendors who indiscreetly exploit these terms for their own benefit. Very few people understand these technologies and many also consider them a new-age sect of the Dark Arts. 

In this blog, we cover: 

1 September 2020

Amar Singh, Founder & CEO of CM-Alliance and Patrick Bayle, Senior Systems Engineer at Cortex (a Palo Alto Networks company) delve into how Cortex’s XSOAR can automate 95% of all response actions requiring human review and allow overloaded security teams to focus on the actions that really require their attention. 

In this blog, we discuss the unusual use cases for which Palo Alto Networks applies the XSOAR platform:

6 August 2020

Cyber threats loom large today. So, have you wondered what actually happens during a cyber-attack? Can cybersecurity training, and specifically incident response training, help with the chaos and pandemonium that ensues? In this blog, our CEO, Amar Singh, globally acknowledged expert on cyber resilience and crisis management, and creator of the NCSC-certified Cyber Incident Planning and Response course, elaborates.

See what's in the blog below:

22 July 2020

There is a vast array of threat intelligence data out there and a variety of platforms that help businesses collect such insights. But is this data contextual, consumable, instructive and most importantly, actionable? 

In this blog, we discuss:

1. Attributes of quality Threat Intel
2. Some interesting facts about Mimecast Intelligence
3. Importance of Email Security 
4. The need to move from perimeter to pervasive security

14 July 2020

Selecting the right type of cyber incident response training has never been this important. No organisation today is exempt from being vulnerable to cyber-attacks, which makes having a cyber incident response plan and training staff correctly most imperative.

18 June 2020

You can never be too prepared when it comes to cybersecurity and data privacy. For the health of your business, it is essential to continuously test your cyber incident response plans with effective cyber tabletop workshops.

15 June 2020

In any discussion on cyber incident response & resilience, it is imperative to deliberate upon the subject of threat actors. After all, if you can’t identify who could potentially harm your business, how will you anticipate the kind and scale of damage they can cause? 

27 May 2020

We reviewed SAMA, QCB & NESA Regulations on Business Continuity Planning, Testing & Cyber tabletop exercises and created an easy reference for you. We will be updating this blog regularly. If you are aware of updates and new regulations, email the author here.

24 May 2020

We have created an optimised cyber incident response plan template for you to download along with some guidance on how to fill it in and how to make it personal to your organisation. 

22 May 2020

To discuss cyber incident response with the CEO, you must be familiar with ISO 27001, NIST's CSF, PCI-DSS, NCSC's Cyber Assessment Framework and other regulations and standards that discuss cyber incident response and incident management.

11 May 2020

Cyber incident response training is an important investment for today's business leaders. It's crucial that executive and management professionals throughout the organisation understand the scope of cyber threats and possess the necessary knowledge to respond quickly and effectively. 

9 May 2020

One often tends to get entangled in the word ‘tabletop’ when one thinks of conducting a cyber tabletop exercise for their organisation. It is natural to think of this exercise as one that can only be done physically in a closed room. However, contrary to that popular belief, it is often much more effective to conduct a remote cyber tabletop exercise. Read on to know why! 

8 May 2020

We are often asked about the benefits of internal cyber incident response training over our public or online training. This blog talks of the advantages of running an internal workshop that is tailored to your specific business, size & domain.   

7 May 2020

In this blog, I share why our clients who do ISO 27001 audits are including cyber tabletop exercise audits in their audit schedules.

6 May 2020

To ensure some sense of order when you are attacked, start by following the cyber incident response checklist.

5 May 2020

If you’re one of those smart business executives who knows how important running a cyber tabletop exercise for their organisation is, you’ve won half the battle! The other half in your company’s ongoing war with cyber-crime is about running the cyber tabletop exercise correctly so that it’s actually effective!

2 May 2020

Your organisation may have a cyber incident response plan that it can fall back upon in case of a crisis, but you need to ensure it's fit for purpose. We show you how to achieve that.

1 May 2020

Most online cybersecurity training programmes appear to skip over the important topic of the Cyber Kill Chain.

30 April 2020

Cyber tabletop exercises must be on your radar in 2020 and there’s no two ways about it. Find out what makes a normal cyber response test a really good and effective cyber tabletop exercise.  

21 April 2020

How to make the cybersecurity checklist PDF work for your organisation?

8 April 2020

With little time for cybersecurity training, how can businesses ensure their employees work securely from home?

1 April 2020

Cyber Tabletop Exercises help you test and evaluate the efficacy of your well-laid plans in a real-world situation.

You have to ask yourself: when your organisation is under a cyber-attack, will your untested response plan actually work? The only way to find out is to assess your plan with a successful Cyber Tabletop Exercise. Note the emphasis on the word successful?

27 March 2020

The expectation - that security behaviours will change if your employees know what they need to do and if they know their firm’s security policies - is flawed. Knowledge is just a part of behaviour change; the real challenge that many organisations face is to work to ensure their people care, are motivated and have the ability and the confidence to act in the right way at the right time.

In this blog we cover: 


17 March 2020

With the increasing frequency of Travelex-like, business-impacting crises, top executives of organisations are taking notice and rushing to ensure that they have cyber incident response plans to deploy when hit by a cyber crisis.

In this blog we cover:

6 March 2020

Many organisations and security teams find it easy to blame the human factor in the security value chain. It’s become quite acceptable to say that humans are the weakest line of defence when it comes to organisational threats. But is this fair? Are human employees being given the kind of training they deserve in an ever-evolving and increasingly complex digital ecosystem?

23 January 2020

33.5% of Indian firms were hit by a cyber-attack in 2018. Not only is this figure alarmingly high, it also makes India the third most-attacked country as per a survey conducted by Tech Asia Research for Sophos, the renowned British security software and hardware firm.

14 January 2020

Free Cyber Incident Response Plan Template

An optimised document structure, easy-to-understand guidance on Cyber Incident Planning & Response and a ZERO-FLUFF approach make this cyber response plan template immediately useful.
