Our blog is a collection of thoughts, templates and ideas that can be adopted by organisations to improve information security.
We decided to produce this blog based on more than 10 years of experience carrying out penetration tests and security consultancy for a wide variety of different clients of all sectors and sizes. Whilst we can’t comment on the individual projects we have drawn conclusions from our findings and decided to create several blog series to address some of the common flaws we see.
Whilst the principals we discuss form the basis of any robust security programme, each series is purposely focused on simple concepts and practical guidance for implementing changes. Our aim is to demystify a complex subject and hopefully inspire and empower businesses to improve security.
Who should read this blog?
We have intentionally focused on the practical solutions that impact corporate IT Security. Throughout the series we will step you through a number of key principals, based on our findings, that will help you to either start your information security journey or improve on the controls currently in place.
People who will find this blog a useful resource:
- Business owners and executives
- IT Managers / Project managers / Developers
- Technology Students
- Technology Journalists
A little bit about Mark
Having worked in various IT Security roles for large organisations (including Head of IT Security within a FTSE 100 business) Mark is well placed to provide advice on what really works. His approach to security has always been about technical action over documentation and as such these posts contain realistic recommendations that can be implemented into practically any type of business. The controls and advice contained in each series have been implemented, tested, and improved over years and years.