Blog

We regularly post our thinking here because ideas are best shared. It might be our approach to solving a problem (we’re not fans of reinventing the wheel!), or perhaps something else entirely that has piqued our interest! We cover methods for cyber risk assessment, approaches for cyber risk quantification, tools and templates for cyber risk management, tips for running successful security programmes, and much more!

You can join us at @cydeaHQ on Twitter, or on our LinkedIn page, to discuss any of our posts. If you’d like to know each time we add a new post, you can subscribe for notifications and a few other choice bits of content.

What makes a good risk assessment?

A risk assessment is widely regarded as the foundation for any cyber security programme. It features in government guidance, international standards, and wider good practice.

How DORA could have changed history?

Gain an understanding of your DORA compliance by taking our DORA Readiness Quiz. In a few short months, the Digital Operational Resilience Act (DORA) will come into effect for organisations operating in the European financial sector.

Cydea chosen for Cyber Runway Scale, among the UK’s most innovative, high-growth cyber companies

We’re thrilled to announce that Cydea has been selected for Cyber Runway, the UK’s largest cyber accelerator, for companies addressing some of the biggest challenges facing cyber security.

How does DORA differ to ISO 27001?

The EU Digital Operational Resilience Act, commonly known as DORA, will come into force in just a few short months, so organisations within scope will have to be prepared before January 2025.

What's in DORA's backpack?

The new Digital Operational Resilience Act (DORA) will be enforced from 17 January 2025, but what could it mean for you?

From Lecture Halls to Client Calls: Getting Started in Cyber Consulting

Academia to Consulting: Transitioning from the academic world to a consulting role in cyber security was a leap into the unknown.

Risk Advisory: CrowdStrike update causing Windows ‘blue screens’

Cydea’s risk advisories are intended for senior management to aid their understanding of current events and the cyber risk posed to their organisations.

Introducing... Cydea Risk Platform

On Wednesday evening, at the Soho Hotel in London, we launched Cydea Risk Platform, a software-as-a-service product to help organisations achieve better security outcomes.

Cydea Launches Risk Platform to Quantify Risk Through Real-World Scenario Modelling and Fiscal Terms

UK company makes risk management tangible for CISOs and business leaders with revolutionary new risk mitigation approach. LONDON, UK - 18th April 2024 – Cydea, the cyber risk management provider, has today announced the Cydea Risk Platform, set to revolutionise the field of cyber risk by quantifying threats in financial terms to businesses, allowing them to visualise the consequences of different business security-related scenarios.

The maths explained series: compound risk calculations to show overall risk profiles

In What do you do when there’s more than one risk? I talked about why, when you want to consider multiple risks together, you can’t just add them together.

Exploring the potential threats to multi-factor authentication

The limitations of Multi Factor Authentication: Multi Factor Authentication (MFA) is something we hear about constantly. From securing personal accounts to protecting enterprise systems, the use of MFA has become widespread in order to protect personal and business data.

Precision vs accuracy in risk assessments

The concept of precision versus accuracy comes up across many industries, and is ultimately the same set of principles used in relation to data and how it is used.

What do you do when there’s more than one risk?

Let’s do a little thought experiment. Imagine that you’re in charge of controlling cyber security risks in your organisation, and that you can only afford to implement one control this quarter.

Why is everyone talking about zero trust?

You might have heard people saying: “Never trust, always verify”. It suggests that, by default, users or devices should not be trusted, even if they have been verified previously.

The human element in cyber risk

According to research by security firm Tessian and Professor Jeff Hancock, 88% of data breaches take place due to employee errors.
