Attackers Exploited Gogs Zero-Day Flaw for Months
Wiz disclosed a still-unpatched vulnerability in self-hosted Git service Gogs, which is a bypass for a previous RCE bug disclosed…
Cyber Security
Is DORA Applicable in the US?
How DORA affects US ICT service providers DORA (the Digital Operational Resilience Act) is an EU regulation affecting financial entities…
5 Top Cyber Security Frameworks
Many organisations must comply with a mixture of state-mandated, industry-specific and international cyber security regulations. This includes, but isn’t limited…
How to Check if a US Company is ISO 27001 Certified
The US suffers more cyber security incidents than any other country, so it’s no surprise that customers, partners, authorities and…
List of US Accredited Certification Bodies for ISO 27001
When seeking certification to ISO 27001, you should always avoid non-accredited certification bodies. Non-accredited certification bodies (and those that falsely…
ISO 27001 Checklist: 9-step Implementation Guide
We’re not going to lie: implementing an ISO 27001-compliant ISMS (information security management system) can be a challenge But as…
A Guide to Meeting the DORA Penetration Testing Requirements
Security programmes often look great on paper. But, post implementation, have you confirmed that: You’ve chosen the right measures? You’ve…
BIA (Business Impact Analysis): A Practical Approach
Business impact analysis, or ‘BIA’, is a process usually associated with business continuity and operational resilience – areas that have…
How to Avoid Holiday Shopping Scams (From a Former Cyber Detective)
Christmas is the time where we allow our imaginations to run wild, it’s the season of goodwill, high spirits and…
What Is Legitimate Interest Under the GDPR?
The GDPR (General Data Protection Regulation) outlines six conditions under which organisations can process personal data. Four of those conditions…