How to Improve Security's Reputation Within Your Organisation
Within many organisations, security gets a bad rep. Even with top-tier talent manning your security team, there are a handful of wider issues that limit their ability to improve the overall security of the organisation. Thankfully, all is not lost. Security’s poor reputation usually stems from a lack of education; and by understanding the cyclical process that interferes with secure a...
Why Organisations Should Run Security Tests More Often
Many organisations stick to a rigid process of security testing, running costly manual tests on an infrequent basis. Whilst a handful of critical applications do require in-depth security testing, most applications would benefit from a more frequent, but less resource-intensive, approach to security.
Why Shelfware Means Secure Development Processes Are Vital
Shelfware (purchased software that quickly ends up shelved and unused) is a huge problem for large organisations, especially those attempting to rollout security programs. In order to overcome the hurdle of shelfware, and ensure that your next security investment translates into meaningful security improvements, it’s vital to understand the relationship between application security to...
8 Essential Components of an Effective Security Awareness Curriculum
A security awareness curriculum is the vital first step in improving your security, helping you to raise organisation-wide awareness of the threats faced by your employees and business on a day-to-day basis.
6 Reasons All Application Developers Need a Training Knowledgebase
There's a missing link in your application security: a training knowledgebase. To help improve the efficacy of your security training roll-out, I'm exploring the purpose of a knowledgebase - and looking at six reasons for implementing one in your organisation.
Does It Actually Matter If Software is Built Securely?
Don't bite my head off just yet. Entertain the thought. Does it really matter if software is built securely? Do organisation's need to worry about ensuring that their software is developed securely in the first place, or can they just protect against attacks by employing the latest technology: web application firewalls, application delivery controllers, automated scanners, and so fo...
3 Things Secure Application Developers Need From Your Security Team
Struggling to improve your application security?In most organisations, there's a serious disconnect between developers and security. Both teams work hard at their respective roles, but without the time and infrastructure necessary for effective collaboration, a significant amount of bugs and vulnerabilities make it into finished applications. To help you improve your application secur...
How to Manage DDOS Attacks Against Your Organisation
Are you struggling with repeated DDOS attacks against your organisation? Not sure on the best way to move forward, or how to prevent them in the future? Perhaps you just want to ensure that your organisation has the right processes in place to minimise a future attack's impact? You'll want to read on.
4 Ways to Get Your Dev Team to Buy in to Your Application Security Program
When you’re looking to improve application security within your organisation, it’s important to get buy-in across the company. You need to create a culture that prioritises security. However, it can be hard for developers to prioritise security, as they are judged on the functionality rather than the security of their code. So today I’m looking at 4 ways to get buy-in from your dev te...
Should Your Organisation Be Worried About Ransomware?
There's a new threat facing your organisation. It uses never before seen tactics to get straight to the heart of your secure systems; compromising your valuable data and attempting to exploit your organisation for thousands of pounds. Today, we're looking at the growing problem posed by ransomware - and offering a few actionable steps your organisation can take to protect itself agai...