Susan Victor

So far Susan Victor has created 11 blog entries.

Do You Know These Secrets About Your Supply Chain?

In today's hyper-connected global economy, managing supply chain risk isn't just about knowing your immediate suppliers. It's about understanding the intricate web of extended supplier connections, stretching from your fourth-tier partners to potentially countless others. This complexity introduces unprecedented challenges for businesses striving for operational resilience and robust information security.

The Limitations of Traditional Third-Party Management

Many organisations believe they've tackled supply chain risk by meticulously mapping their direct third-party suppliers. However, this only scratches the surface. The real vulnerabilities lie in the 4th to Nth party connections, often invisible to traditional risk assessment methodologies.

Why Extended Supplier Connections Matter

Expanded Attack Surface: A breach at a distant supplier can ripple through the network, impacting your organisation's data and operations.

Regulatory Compliance: Increasingly stringent regulations, like GDPR and ISO 27001, demand visibility into the entire supply chain, not just direct

March 13th, 2025 | Blog

Ransomware and Supply Chain: How Vendors Create Victims

Ransomware attacks are a growing menace, causing significant disruption and financial loss. In 2024, these attacks reportedly cost businesses an estimated $9.5 trillion globally. This escalating trend highlights the critical need for robust cyber security strategies. A particularly concerning aspect is the vulnerability introduced through Supply Chain product vendors, who, inadvertently or otherwise, can become a gateway for Ransomware.

The Role of Supply Chain Vendors

Supply Chain vendors are integral to modern business, providing essential software and hardware components. However, this reliance creates a potential weak link. These vendors often possess sensitive information about their client organisations, making them attractive targets for cyber criminals. A compromised vendor can provide attackers with a foothold into multiple organisations simultaneously.

Vendor-Related Risks:

Several factors can increase the risk of Ransomware attacks originating from Supply Chain vendors:

Unpatched Vulnerabilities: Vendors failing to promptly patch security flaws in their

February 20th, 2025 | Blog

Building an Unbreakable Supply Chain Security System

A robust Supply Chain is the lifeblood of any successful business. However, this intricate web of suppliers, vendors and partners presents a significant vulnerability: security breaches. Recent high-profile attacks and alarming statistics underscore the urgent need for comprehensive Supply Chain Security management. A CPG manufacturer's £22 million inventory cost saving through effective security exemplifies the tangible benefits, while the 2023 Security Breaches Survey highlights the alarming lack of minimum-security standards among UK businesses' suppliers. This article delves into the critical steps required to construct an "unbreakable" Supply Chain Security system, empowering your organisation to navigate the evolving threat landscape and safeguard your operations.

The Alarming Reality: Identifying Supply Chain Threats

The surge in Supply Chain attacks is staggering, with a 2,600% increase since 2018 and over 54 million victims in 2023 alone. The complexity of modern Supply Chains, relying heavily on interconnected suppliers,

February 4th, 2025 | Blog

Ransomware vs. Malware: Key Differences and Security Measures

In today's digital age, cyber threats have become increasingly sophisticated and prevalent. Two of the most common cyberattacks are Ransomware and Malware. While both pose significant risks to individuals and organisations, they differ in their objectives and methods. Understanding the key differences between Ransomware and Malware is crucial for implementing effective security measures to protect your digital assets.

What is Malware?

Malware, short for malicious software, is a broad term encompassing various types of software designed to infiltrate computer systems without the user's knowledge or consent. Malware can be categorised into several types, including:

Viruses: Self-replicating programs that attach themselves to other files and spread through networks.

Worms: Self-propagating Malware that can spread independently without requiring user interaction.

Trojan Horses: Malicious programs disguised as legitimate software, often used to steal data or grant unauthorised access.

Spyware: Software that secretly monitors user activity

December 5th, 2024 | Blog

Digital Operational Resilience Act: Financial Institutions

The Digital Operational Resilience Act is a landmark piece of legislation designed to strengthen the cyber security and operational resilience of financial institutions within the European Union. As the financial sector continues to become increasingly digital, the need for robust defences against cyber threats has never been more critical. The Digital Operational Resilience Act aims to address this need by establishing a comprehensive framework for managing digital risks and ensuring the stability of the financial system. In this article, "Digital Operational Resilience Act: Financial Institutions", we will delve into the key aspects of the Digital Operational Resilience Act, explore the steps financial institutions can take to assess their existing frameworks and discuss strategies for implementing effective compliance and remediation measures.

Understanding Digital Operational Resilience Act and Its Implications

The Digital Operational Resilience Act (DORA) is a significant piece of legislation aimed at strengthening the resilience of

November 22nd, 2024 | Blog

Ransomware: How Susceptible Is Your Organisation? – Part 2

Building upon our previous article, "Ransomware: How Susceptible Is Your Organisation? - Part 1," we continue our exploration of this escalating cyber threat. Ransomware attacks have skyrocketed in recent years, causing significant disruption and financial losses to organisations worldwide. This malicious software encrypts valuable data, holding it hostage until a ransom is paid, leaving organisations in a vulnerable position. The increasing frequency and sophistication of these attacks highlight the urgent need for effective cyber security strategies. This article delves deeper into the devastating impact of Ransomware on organisations, identifying common attack vectors and high-value targets within organisations. We also examine essential defence-in-depth strategies, the importance of threat intelligence, and crisis management planning. By understanding these key areas, organisations can strengthen their Ransomware resilience and protect their critical assets.

Leveraging Threat Intelligence for Ransomware Prevention

Threat intelligence is a crucial tool in

September 23rd, 2024 | Blog

Ransomware: How Susceptible Is Your Organisation? – Part 1

Ransomware has become a critical cyber security threat, causing significant disruption and financial losses to organisations worldwide. This malicious software encrypts valuable data, holding it hostage until a ransom is paid, often leaving businesses in a precarious position. The rise in Ransomware attacks has led to a growing need for robust defence strategies and increased awareness among organisations of all sizes and sectors. To tackle this evolving threat, organisations must understand their vulnerabilities and implement comprehensive protection measures, as the weakest and most vulnerable will be targeted. This article explores the business impact of Ransomware, identifies high-value targets within organisations, and examines common attack vectors in the financial sector. It also delves into defence-in-depth strategies, the use of threat intelligence for prevention, crisis management, and the importance of cyber security governance. By addressing these key areas, organisations can enhance their

September 17th, 2024 | Blog

How to Master Open-Source Intelligence: Tips and Tricks

Open-Source Intelligence is the practice of gathering and analysing publicly available data to gain actionable information. Even if you are a cyber security professional, journalist, or simply someone curious about investigative techniques, mastering Open-Source Intelligence allows you to uncover comprehensive data and make informed decisions through ethical analysis. This article "How to Master Open-Source Intelligence: Tips and Tricks" will explore the Open-Source Intelligence cycle, compare active and passive techniques, give real-world examples, and offer tips and tricks for staying updated in this dynamic field.

What is Open-Source Intelligence?

Open-Source Intelligence (OSINT) refers to the collection and analysis of publicly available information. This includes data from social media, websites, public records, news articles, and more. By using OSINT techniques and leveraging relevant tools, individuals can uncover a wealth of information about their subject.

The Open-Source Intelligence Cycle:

1. Preparation and Planning

The journey

July 15th, 2024 | Blog

5-Step Attack Surface Management Guide

As cyber criminals develop ever more sophisticated tactics, proactively managing your attack surface has become an essential defence for organisations of all sizes. Attack surface management isn't just about plugging holes; it's a systematic approach to continuously identify every potential entry point - from internet-facing applications to misconfigured devices - that attackers could exploit to infiltrate your network, steal sensitive data, or disrupt critical operations. By taking a proactive stance and prioritising these vulnerabilities, organisations can significantly reduce their cyber risk. This 5-step attack surface management guide empowers you to proactively manage your digital assets.

Why is Attack Surface Management (ASM) Important?

The digital transformation and interconnected technologies expand your attack surface, creating more potential entry points for attackers. Attack Surface Management helps you:

Gain visibility: Achieve comprehensive insight into all your digital assets, including hardware, software, network components, and cloud services.

Reduce risk: Identify

June 4th, 2024 | Blog

Password Power Up: Your Guide to Online Security

Passwords safeguard our social media profiles, financial accounts, and a treasure trove of personal information. A weak password is an open invitation to vulnerability. The following article, "Password Power Up: Your Guide to Online Security", will unravel the art of creating robust passwords, the common mistakes to avoid, and the latest strategies in password management that can fortify your cyber defences.

Strong Passwords: The Gatekeepers of Your Digital Life

Strong passwords are the digital gatekeepers standing guard over our online identities and protecting our sensitive information. Just like a strong lock secures our physical belongings, a robust password safeguards our digital lives.

Short on Memory, Long on Security: Passphrases vs. Passwords

Struggling to remember all your passwords? Consider a password manager – it stores your complex passphrases securely and fills them in automatically, saving you the hassle. But before diving deeper, let's

May 2nd, 2024 | Blog