Every business relies on technology, but how often do we stop to check if it’s as secure as we think? Making assumptions on how secure our networks are is a dangerous and costly game to play! A cybersecurity risk assessment isn’t about ticking boxes or indulging in worst-case scenarios (though the latter exercise could prove […]
Read MoreAs a business owner or CEO, you know cybersecurity is a critical issue - every headline reminds you of the risks - but justifying hiring a full-time Chief Information Security Officer (CISO) on a tight budget feels out of reach. Maybe it’s the cost, or maybe you’re unsure if your organisation even needs someone in […]
Read MoreIt was a packed room at BMIT’s The Cybersecurity Imperative 2025 event, which brought together security professionals, business leaders, and technologists for a morning of practical insights and honest reflection. Now in its third year, this edition tackled a question that seems straightforward but remains challenging: what does ‘secure enough’ really mean? The keynote from […]
Read MoreThe recent breach at Marks & Spencer didn’t stem from a technical failure. It began with a phone call. Attackers impersonated internal engineers and convinced help desk staff to reset passwords and disable multi-factor authentication. That gave them the foothold they needed to access domain credentials, escalate privileges, and ultimately deploy ransomware. Stores reverted to […]
Read MorePackages are more than just a collection of services Do you think cybersecurity is just an IT issue? It’s not. It’s a business issue and one that could have a lasting impact on the company’s future. Security is often considered (and treated) as a collection of tools rather than a strategic advantage that builds customer […]
Read MoreCyrille Aubergier, Senior Compliance (GRC) Specialist at BMIT talks about making a success of security awareness training and to be wary of the pitfalls. Security awareness training is gaining a lot of traction in organisations, yet we continue to see incidents stemming from basic errors. What do you think is the biggest reason for this […]
Read MoreA security policy is a formal set of rules that defines how your organisation protects its information assets and systems. It outlines the necessary actions to prevent unauthorised access, use, disclosure, modification, or destruction of data and infrastructure. If your business handles sensitive data - such as customer information, financial records, intellectual property, or confidential […]
Read MoreQ: What is cloud security? A: Cloud security is a combination of technologies, policies, processes, and user education designed to protect data, applications, and systems operating in a cloud environment. Just as you wouldn’t leave your wallet or purse unattended in a busy public space, you should not leave your digital assets unattended. Effective cloud […]
Read MoreCybersecurity challenges are a reality everywhere. They are immediate, and they are affecting organisations of every size and type. Whether you are running a public authority, managing a growing business, or supporting national infrastructure, the threat landscape is shifting. Attacks are becoming more frequent, more sophisticated, and more disruptive. This is a shared reality. Whether […]
Read MorePhishing attacks show no sign of abating and continue to be one of the most pervasive and damaging. Despite new technologies, training and awareness programmes, phishing persists, targeting the most vulnerable element in any security infrastructure: human judgment. In the Email Security Risk Report 2024 by Egress, nine in 10 organisations said they were the victims of […]
Read More