Blog

We regularly post our thinking here because ideas are best shared. It might be our approach to solving a problem (we’re not fans of reinventing the wheel!), perhaps simply something else entirely that has piqued our interest!

You can join us at @cydeaHQ on Twitter, or our LinkedIn page to discuss any of our posts. If you’d like to know each time we add a new post, you can subscribe for notifications and a few other choice bits of content.

The link between risk scenarios and detection use cases

Earlier last year, I delivered a webinar on the importance of mapping risks and understanding threat coverage for a successful security monitoring strategy.

How we work together

More and more businesses are adopting a hybrid working model, driving the need for collaborative tools to facilitate remote team working.

Selecting a control framework

There’s no “right” control framework, it’s about finding what works best for you. Control frameworks are used to improve cyber security posture and manage cyber security risks.

Why cyber risks should belong to business decision makers and not the IT department

Risk management is an essential part of business. It heavily relies on two things: a way of qualifying/quantifying risks pertaining to a certain area of the business, and a decision being made on the method of treatment for each risk.

Thoughts on the updated ISO 27002

In my previous blog post, we looked at the latest changes to ISO 27002. This included the changes to the controls with the new additions and the attributes table.

Risk Advisory: LastPass Data Breach

Cydea’s risk advisories are intended for senior management to aid their understanding of current events and the cyber risk posed to their organisations.

What you need to know about the newest changes to ISO 27002

ISO 27002 is an international standard that defines a range of information security controls that can be used to manage risk.

Risk Advisory: UK government ban on Chinese surveillance equipment

Cydea’s risk advisories are intended for senior management to aid their understanding of current events and the cyber risk posed to their organisations.

Starting a career in the world of cyber security

For the first four years of my professional life I worked as a Development Engineer in the Automotive Engineering industry. It’s been a full year now since I made the decision to change fields to the rapidly expanding industry of Cyber Security, and now feels like a good time to reflect on my journey so far: my background, why I made the jump, and my reflections against what I expected.