Best Practice Security
Part Two: Our guide to cyber attacks and how to tackle them Welcome to part two of our guide to cyber-attacks, where we list the common types to be aware of, alongside real-life examples and advice on tackling them. You can jump to part one here. Man-in-the-Middle (MitM) Once upon a time not so very long ago, people wrote to one another. It was an era of Basildon Bond and billets-doux, before emails and texts. Now imagine … Read More »
Part One: Our guide to cyber attacks and how to tackle them Welcome to part one of our guide to cyber-attacks, where we list the common types to be aware of, alongside real-life examples and advice on tackling them. No. 1 Phishing – Also Known as Social Engineering A while back, I made phishing phone calls (sometimes referred to as vishing) to test the vigilance of a financial services firm’s employees. As a Scottish woman, my colleagues … Read More »
The Business Case for Penetration Testing A penetration test, or a pen test, is a popular way to check the effectiveness of your organisation’s cybersecurity. Pen testing is typically done once or twice a year, or after any significant infrastructure or application changes. As one of the better-known cybersecurity services in the marketplace, pen-testing plays a crucial part in most security-conscious companies’ armouries. Here, we list five reasons to consider one for your business. No. 1. A … Read More »
The Seven Steps to Cybersecurity Nirvana You’ve done your homework; you’ve spent some time researching penetration testing companies and you think you’ve a good one. Maybe you used our previous blog to help: Booking a Penetration Test? Read This First. We hope you chose us, but if not, we hope you’ll read on anyway. Now you have a date for your pen test in your diary, you’ve done the hard part, right? Alas no, there’s a lot … Read More »
How to Make the Best Choice Are you a pen test newbie? Or perhaps you arranged a cyber penetration test in the past and didn’t receive the service you expected. If so, this blog will help you. FACT: Penetration testing isn’t cheap. The day rate for a penetration tester ranges from £600 to £3,000 with travel and (potentially) accommodation on top. But let’s put this into context; you’d pay triple to avoid the blindsiding consequences of a … Read More »
Metadata and the Risks to your Security Imagine the following scenario. A company not dissimilar to yours, let’s call it Thomson & Hardy Ltd, uploads a PDF of its product brochure to its website. It looks good, flawless in fact. Thomson & Hardy’s products are attractively set out, the copy word perfect. And why not, the business has a strict editorial quality control process, so it was rigorously checked before it was published. But wait, something’s missing. An … Read More »
Network Security: How You Can Improve It Today Some practical advice for system administrators from Perspective Risk’s network security expert Neil Gibb.* Post the recent WannaCry ransomware attack which struck at the heart of the NHS and big names in the private sector, it’s become clear that the basics of network security are often widely overlooked. This enabled a relatively old virus to be used against systems that should have been made secure a long time before. Of … Read More »
Passwords and Permissive Outbound Firewall Rules During security engagements, our consultants regularly encounter organisations vulnerable to password compromise. They find that while great care is often taken in relation to inbound firewall rules, outbound rule-sets are frequently overlooked. In the following scenario, PR’s Principal Security Consultant Matt Byrne demonstrates how permissively configured outbound firewall rules or “allow all” outbound firewall rules can result in the compromise of internal users credentials and potentially impact your wider internal network / domain. Permissive Outbound … Read More »
DontCry over WannaCrypt Want to check how good your organisation’s security is? Click here. If you’re reading this article it’s not because you’ve randomly stumbled across the hashtags “WannaCry”, “WCry”, “WannaCrypt”, “Ransomware” etc. It’s because you’re already aware of it. Now, what can we add to the hundreds of articles on the recent breach via ransomware and the NSA vulnerability/exploit MS17-010? To sum it up, these are following mediums discussing WannaCry: Tweets Articles Blog posts Newspaper columns … Read More »
SSL / TLS Certificate Security Welcome to the first of our Reducing Your Risks blog series where we address a range of security vulnerabilities and share best practice to protect your organisation from threat actors. Here, our senior cyber security pro Abdul Ikbal looks at common SSL / TLS certificate weaknesses, the risks, and what you can do about them. SSL (Secure Sockets Layer) If you’re still using SSL v3 or below, I feel bad for you son, you … Read More »
Protect Your Premises: Tips from PR’s Security Experts Two of Perspective Risk’s physical security specialists – Abdul Ikbal and Neil Gibb* – share advice for improving the security of your building against criminals, malicious insiders and careless staff. Other security consultants and many clients are often surprised to learn that we can usually compromise a building’s security perimeter in under an hour. One customer commented: “It would be great to have a reference to prepare us before … Read More »
We are Perspective Risk
Information security is crucial to every aspect of your business – operational efficiency, profitability, business continuity, customer confidence, brand loyalty, protection against fraud and meeting regulatory requirements.
Our penetration testing, pen testing, pen tests and cyber security testing has proven time and time again to be an effective security assessment of business IT infrastructure.
Perspective Risk provides in-depth security assessments, risk management and compliance solutions to help you keep your confidential information safe and your critical systems secure. We’re innovative, flexible and supportive, helping you through any information security issues to deliver real business benefits and excellent value.