The Precursor SOC responded to a major cyber incident where the root cause was targeted SEO poisoning. Further investigations uncovered a sophisticated campaign targeting key business sectors in the UK & EU.
This guide provides steps that can be taken for an organisation looking to implement a basic vulnerability triage process.
Microsoft 365 is trusted by organisations large and small for their day to day operations. Email, data storage, document exchange, customer and company critical information are all entrusted to 365 for safe keeping. And yet out-of-the-box, or out-of-the-cloud as is more common, Microsoft 365 security features are configured for usability, rather than maximum security.
Communicating cyber security risk to the board can be a key function of senior security roles. While cyber risk oversight is a function of the board, be it fully or partially shared with internal teams such as the audit committee, the implementation, actual operation and management of the security program is not their responsibility
Microsoft has been pushing browser-based Microsoft 365 cloud for all office functions. However, their desktop office applications are just as popular as ever – especially Word, Excel and PowerPoint. Which is great news for cyber criminals as the end user workstation is a prime target for attack and often an overlooked link in any cyber security strategy.
In our experience, security is often something that is begrudged as taking time and budget from development and customer experience. And if you believe your security comes from your cloud platform, I recommend that you read the ‘shared responsibility’ model that all the cloud providers use to limit their liability from security exposure.
Leeds: 6 Wellington Place, LS1 4AP
Newcastle: Portland House, New
Bridge St W, NE1 8AL
