Menu
Browse
Advanced Search

CSIDB in 2025: a new “At a glance” dashboard, and a quieter (but productive) New Year

05th January 2026

Every January I normally publish an annual “state of the database” write-up with charts and headline figures (last year’s post is a good example). This year, I’ve changed the format.

Instead of me picking a handful of stats and presenting them one way, CSIDB now has a new interactive dashboard …

Cyber Incident Breakdown for 2024

13th January 2025

It's that time of year where we get the opportunity to look back on 2024.
The year 2024 presented a dynamic landscape of cyber threats and responses. With an increasing reliance on digital systems across industries, the challenges of securing sensitive data and critical infrastructure became more pronounced. Below, …

Latest CSIDB updates: There are many.

18th December 2024

Over the past few months, I’ve been working on enhancing CSIDB (csidb.net) to deliver a more intuitive, insightful, and future-proofed threat intelligence experience. My recent updates are all about streamlining workflows, improving clarity, and aligning more closely with industry standards for cyber threat intelligence. Below, with the assistance of some …

Cybersecurity Mesh Architecture and the Move to Platformization

12th September 2024

As the complexity of digital infrastructures grows, businesses are increasingly turning towards modular and scalable cybersecurity solutions to meet their evolving needs. Two pivotal frameworks driving this shift are the Cybersecurity Mesh Architecture (CSMA) and Platformization. These approaches are transforming how organisations protect their assets and manage their security tools, …

Quantum Resistant Cryptography: Preparing for a Post-Quantum Future

19th August 2024

The advent of quantum computing represents a seismic shift in the field of cryptography. While quantum computers promise to revolutionise various industries with their immense computational power, they also pose a significant threat to the cryptographic systems that currently secure our digital communications and data. Traditional encryption methods, such as …

SaaS Security Posture Management (SSPM): An Essential Strategy for Modern Enterprises

15th August 2024

The proliferation of Software as a Service (SaaS) applications has transformed the way businesses operate, offering unmatched flexibility, scalability, and efficiency. However, this shift has also introduced a complex and expansive attack surface that traditional cybersecurity tools are ill-equipped to manage. In response, SaaS Security Posture Management (SSPM) has emerged …

UK's New Cyber Security and Resilience Bill: A Step Towards Stronger Defences

12th August 2024

In a bid to bolster its defences against the rising tide of cyber threats, the UK government has recently unveiled the Cyber Security and Resilience (CSR) Bill. This legislation aims to address critical gaps in the country's cyber defences and enhance its resilience against an ever-evolving landscape of cyberattacks. With …

Cyber Security Certification in 2024: Paths to Success in Defensive, Offensive, and Managerial Roles

06th August 2024

The landscape of cyber security certifications is more robust and diverse than ever, catering to a wide range of career paths in defensive (blue team), offensive (red team), and managerial roles. When I say vast I mean vast.. there are close to 500 certifications available in many different disciplines (e.g.  …

Social Engineering: The Human Element of Cyber Attacks

01st August 2024

The term "cybersecurity" often evokes images of hackers breaking into systems through sophisticated coding and technical prowess. However, one of the most significant threats to cybersecurity isn't a piece of malicious software or a network vulnerability; it's the human element. Social engineering, the manipulation of individuals to divulge confidential …

Securing Remote Work: Best Practices for a Hybrid Workforce

29th July 2024

The hybrid workforce model has become increasingly popular, blending remote and in-office work to offer flexibility and maintain productivity. While this model provides numerous benefits, it also introduces new challenges, particularly in terms of cybersecurity. As employees access company resources from various locations, organisations must ensure that their data …

The Role of Blockchain in Cybersecurity

25th July 2024

With the increasing number of cyber threats and attacks, traditional security measures often fall short. Enter blockchain technology—a revolutionary approach that promises to transform the landscape of cybersecurity. Initially designed as the backbone of cryptocurrencies like Bitcoin, blockchain has proven to have vast potential beyond financial applications. Its decentralised, transparent, …

Ethical Dilemmas in Cybersecurity

22nd July 2024

Cybersecurity professionals face numerous ethical dilemmas and difficult decisions. These challenges are compounded by the rapid evolution of cyber threats and the critical need to balance security with privacy, legality, and ethical considerations. This article explores some of the most pressing ethical dilemmas and the complexities involved in making decisions …

Top 10 Cyber Security Incidents of the 21st Century

18th July 2024

As technology has advanced, so too have the tactics and scale of cyber security incidents. The 21st century has witnessed a significant escalation in both the frequency and sophistication of cyber attacks, affecting individuals, corporations, and governments worldwide. These incidents have caused widespread disruption, financial losses, and in some cases, …

NIST Standards in Cyber Security: A Comprehensive Overview

15th July 2024

The National Institute of Standards and Technology (NIST) is a non-regulatory agency of the United States Department of Commerce. NIST's mission is to promote innovation and industrial competitiveness by advancing measurement science, standards, and technology. In the realm of cyber security, NIST plays a critical role by developing guidelines, standards, …

7 Threat Intelligence Frameworks, Standards & Technologies You Should Know About Today

11th July 2024

Cyber threats evolve with unprecedented speed and organizations must remain vigilant to safeguard their digital assets. Threat Intelligence frameworks, standards and technologies play a pivotal role in identifying, understanding, and mitigating these threats. This article delves into some of the prominent Threat Intelligence enablers, including STIX, TAXII, OpenIOC, and others, …

Adapting Ransomware Techniques 2024

08th July 2024

Ransomware, once a relatively simple cyber threat that involved encrypting files and demanding payment for their release, has evolved dramatically over the years. The increasing sophistication of these attacks, fueled by technological advancements and strategic innovations by cybercriminals, poses significant challenges for individuals, organizations, and cybersecurity professionals. In 2024, …

Hacking Large Language Models (LLMs): An Analysis

04th July 2024

Large Language Models (LLMs) like GPT-4 are revolutionary tools that have transformed various domains, from content generation to customer service automation. However, as with any powerful technology, they come with their own set of vulnerabilities. This article explores the concept of hacking LLMs, focusing on techniques, defenses, and implications, drawing …

API Security in 2024

28th June 2024

As we navigate through 2024, API security has emerged as a critical area of focus for organizations worldwide. The rapid expansion of digital services, coupled with the increasing reliance on APIs for seamless integration and communication, has necessitated a robust and comprehensive approach to API security. This article delves …

Understanding Cloud-Native Application Protection Platforms (CNAPP)

14th May 2024

Cloud-Native Application Protection Platforms (CNAPPs) represent the next evolution in cloud security, integrating various security and compliance capabilities into a unified platform to safeguard cloud-native applications throughout their lifecycle. According to Gartner, CNAPPs "are a unified and tightly integrated set of security and compliance capabilities designed to secure and protect …

The Strategic Imperative of Microsegmentation in Modern Cybersecurity

08th May 2024

In today's rapidly evolving digital landscape, where hybrid and multi-cloud environments have become the norm, traditional perimeter-based security measures are no longer sufficient. This shift has necessitated a more granular approach to network security, known as microsegmentation. This technique not only enhances security postures but also aligns with the principles …

Advanced Search