Author Archives: robbie

For anyone using LastPass…In late December, LastPass announced that a security incident had allowed an unauthorised party to steal customer account information and vault data. What should LastPass subscribers do?Unfortunately, LastPass have not revealed how many users were affected by … Continue reading →

Advice from the NCSC: Some organisations put a lot of effort into training their staff to detect and evade phishing attacks. Some even punish them if they slip up. It’s easy to see why the user has been identified as … Continue reading →

The Government approved Cyber Essentials scheme includes five technical controls that help protect organisations from the majority of cyber attacks. A team of experts review the scheme at regular intervals to ensure it stays effective in the ever-evolving threat landscape. … Continue reading →

In the January 2022, the NCSC will introduce an updated set of requirements for the Cyber Essentials scheme (v3.0). This update is the biggest overhaul of the scheme’s technical controls since it was launched in 2014 and is in response to the … Continue reading →

Lincolnshire Council’s information systems were held to ransom on Tuesday, 26 Feb – for £1m to reinstate access.  The breach was caused by a member of the council clicking on a link within a spam email. So what can you … Continue reading →

Unlike previous guidance, this doesn’t focus on trying to get ever more entropy into passwords.  Instead CESG are encouraging system designers and security architects to think more about where they’re requiring passwords, and what they’re trying to achieve with them. … Continue reading →

Unfortunately, there are many serious data loss incidents which could have been avoided or reduced in severity if simple good practice had been implemented.   The Office of the Information Commissioner has published guidance on the most significant threats to data … Continue reading →