Blog

We regularly post our thinking here because ideas are best shared. It might be our approach to solving a problem (we’re not fans of reinventing the wheel!), perhaps simply something else entirely that has piqued our interest! We cover methods for cyber risk assessment, approaches for cyber risk quantification, tools and templates for cyber risk management, tips for running successful security programmes, and much more!

You can join us at @cydeaHQ on Twitter, or our LinkedIn page to discuss any of our posts. If you’d like to know each time we add a new post, you can subscribe for notifications and a few other choice bits of content.

...
Testing your organisation's response to cyber incidents

It’s 7:30am. You wake up to 17 missed calls and a dozen messages from staff saying they’re locked out of their machines, and all they can see is a message asking for 50 bitcoins to decrypt the company’s data.

Continue reading...
...
The importance of supply chain security

All businesses have a supply chain, no matter what size of business you are. As businesses grow, their supply chain is likely to grow even further.

Continue reading...
...
Autonomous vehicles and their cyber security

They may not be quite like Glen A. Larson depicted them in the 80’s TV series “Knight Rider”, but autonomous vehicles are here.

Continue reading...
...
What is social engineering?

“Social engineering” is when threat actors use manipulation and deception to persuade a victim into doing either revealing something (such as credentials) or doing something (such as transferring money).

Continue reading...
...
We're making changes to the way you login to our risk app

This message has been sent to all early adopters of our risk app. It’s replicated here so that you can verify the authenticity of the reset request that will follow.

Continue reading...
...
The maths explained series: Quantitative risk analysis

In Qualitative and quantitative risk analysis, we talked about the difference between qualitative and quantitative risk analysis, and we made the case for the use of quantitative risk analysis in cybersecurity.

Continue reading...
...
We’re building an app and need your help!

We’ve been developing a better way to measure and manage cyber risk. This approach underpins our cyber risk analysis engagements, which we’ve had fantastic feedback from clients on.

Continue reading...
...
Staying true to your policies and standards

Most organisations have a set of policies and standards that govern how they respond to security incidents and threats. It’s all well and good having them in place but ensuring you use them is what’s important.

Continue reading...
...
Qualitative and quantitative risk analysis

Let’s start with some dictionary definitions: Qualitative, adj: “based on information that cannot be easily measured, such as people’s opinions and feelings, rather than on information that can be shown in numbers”

Continue reading...
...
Communicating risk

We believe in positive security that helps to protect current and future business value. Clear communication is essential for making that happen - but communication is hard, especially when you have to provide clarity about complicated things.

Continue reading...
...
The paths into cyber security consulting

At Cydea, we’ve all taken different approaches to get into cyber security consulting. Cydea’s approach when recruiting has always focused on demonstrating your passion for positive security and your drive to help clients, it’s not about being the “finished article” or having followed what’s considered the ‘traditional’ path into cyber security.

Continue reading...
...
Risk Advisory: Managed File Transfer Software

Cydea’s risk advisories are intended for senior management to aid their understanding of current events and the cyber risk posed to their organisations.

Continue reading...
...
Managing portfolio cyber security

A few weeks ago, we brought together people from private capital to discuss cyber security in portfolios and how value creation steers it.

Continue reading...
...
How we view assets

The first thing we usually ask new clients is: What are you defending? Exploring that simple question allows us to understand how clients consider, and value, their assets.

Continue reading...
...
Startup cyber security requirements

As a startup, it can be overwhelming to know where to start when it comes to cyber security, and the approaches adopted by larger organisations are often not suitable to be applied on a smaller scale as they are both costly and resource intensive.

Continue reading...