Lucia Turner joined the Cydea team after graduating from a cyber-related course with a placement year working in an Information Security team within the financial services sector. Certified in CompTIA’s Security+ and a Lead Implementer in ISO 27001, Lucia takes a positive security approach working with businesses to reinforce cyber security and defend against cyber risk.
Why is everyone talking about zero trust?
You might have heard people saying: “Never trust, always verify”. It suggests that, by default, users or devices should not be trusted, even if they have been verified previously.
What is social engineering?
“Social engineering” is when threat actors use manipulation and deception to persuade a victim into either revealing something (such as credentials) or doing something (such as transferring money).
The paths into cyber security consulting
At Cydea, we’ve all taken different approaches to get into cyber security consulting. Cydea’s approach when recruiting has always focused on demonstrating your passion for positive security and your drive to help clients; it’s not about being the “finished article” or having followed what’s considered the “traditional” path into cyber security.
Selecting a control framework
There’s no “right” control framework; it’s about finding what works best for you. Control frameworks are used to improve cyber security posture and manage cyber security risks.
Risk Advisory: LastPass Data Breach
Cydea’s risk advisories are intended for senior management to aid their understanding of current events and the cyber risk posed to their organisations.
Certification is about rules, compliance is about trust
Various schemes and standards exist to provide assurance of baseline controls and good cyber security practices within an organisation. They may be internationally recognised, such as ISO 27001, or even government-backed, like the UK government scheme Cyber Essentials or IASME Governance.