The NCSC/IASME Cyber Essentials Certification
The Cyber Essentials scheme was launched on 5 June 2014 Since October 2014, Cyber Essentials certification has been required for suppliers to the central UK government who handle certain kinds of sensitive and personal information. Here at CRIBB Cybersecurity, we...
Supply Chain Cyberattack
In today's interconnected business environment, organizations increasingly rely on third-party suppliers and vendors to enhance efficiency, reduce costs, and drive innovation. However, this reliance introduces new cybersecurity challenges. Managing the security risks...
Strategic Partnership Announcement
CRIBB Cyber Security, Onyx IT, and React CP Bringing Enhanced Service Offerings to Valued Clients CRIBB Cyber Security We are excited to announce a strategic partnership with Onyx IT and React CP, two leading IT support and consultancy firms. This partnership aims to...
Enhancing Cyber Preparedness for Healthcare Companies
Recent cyberattacks, including the ransomware incident targeting Synnovis and the University of Manchester breach compromising NHS patient data, underscore the urgent need for robust cyber defenses in the healthcare sector. These breaches have exposed critical...
Suspected cyber assaults believed to originate from China are focusing on American power and water networks
Government officials and cybersecurity experts in the U.S. have issued warnings indicating that the Chinese military appears to be making efforts to infiltrate crucial systems within the country. Reports are suggesting that hackers linked to China's People's...
AI security guidelines from the NCSC
Yesterday, the NCSC - National Cyber Security Centre - released new AI security guidelines. These are "for providers of any systems that use artificial intelligence... whether... created from scratch or built on top of tools and services provided by others." In this...
Black Friday security tips: Avoid online scams this year
As November 24th nears, we thought some Black Friday security tips would be useful. We first covered the cyber security element of this relatively new calendar event in 2020. That of course was the year of Covid, when online shopping became the main sales avenue for...
The IASME Cyber Assurance Standard (formerly known as IASME Governance)
CRIBB was recently (re-)certified with the IASME Cyber Assurance Standard. Formerly known as IASME Governance, this standard is "a way of verifying an organisation’s good practice in information assurance." Here then we take a closer look at this important tool in the...
Hybrid working and BYOD concern
The advent of hybrid working environments, accelerated by the global COVID-19 pandemic, has transformed the way companies operate. Employees now have the flexibility to work from various locations, blurring the lines between the traditional office and remote settings....
Cyber security awareness month 2023
Hard to believe though it may be, we are now in the month of October. That is correct, Halloween, Bonfire Night and - whisper it - Christmas are all fast-approaching. On a professional level, however, the arrival of October marks the start of Cyber security awareness...
Phishing and how to avoid it
Phishing is a type of cyber-attack in which attackers try to trick individuals into revealing sensitive information. Be it passwords, credit card numbers or personal identification, these attackers pretend to be a trustworthy source. They typically carry attacks out...
Cyber Security Market Research (A report)
Over the past few months, we've been running some polls across social media. 'Cyber Security Market Research' presents the findings from some of these. We'd love to hear what you think they might demonstrate and we've offered some brief notes on that for your...
Data Protection Service Update
It has been a particularly busy period for CRIBB, with an increase in requests for information regarding our DPO services. This year, as many of you will have noticed, there have been a spate of very high-profile cyber-attacks and data breaches. Read more on those...
Vulnerability Scanning Tools
Vulnerability scanning is the automated process of searching for security weaknesses in computer systems or software. The objective is to identify potential points of exploitation by malicious actors. When used by professionals, vulnerability scanning tools can become...
Penetration Testing Types
For our latest blog, we're returning our focus to a key cyber security tool. With so many instances of hacking and data breaches in recent times, it is vital to have a robust security strategy in place. Penetration Testing is something that can help you to assess just...
Hacking and how to prevent it
There have been numerous stories in the news around hacking and data breaches in recent times. Indeed, so far this year alone there have been over 466 million breached records, with 220 million of those coming from Twitter*. Today we take a closer look at hacking and...
McAfee versus Norton: Which is better?
Last month, we featured a comparison of antivirus software from ESET and Bitdefender. Now, we're turning our attentions to another set of solutions. In 'McAfee versus Norton' we'll give a brief overview of both before identifying their key strengths and weaknesses....
Data breach incidents: How to avoid them
Earlier this month, it emerged that hackers had found a way to break into Progress Software's MOVEit Transfer tool. The US company quickly released a downloadable security update but not before many of its clients had been affected. Those clients included payroll...
Cybercrime and ChatGPT
As with any new technology, there is always the risk that cybercriminals could exploit it for nefarious purposes. In the case of ChatGPT, this could include learning how to craft attacks and write ransomware. The chatbot’s vast volumes of data and natural language...
Multi Factor Authentication and UX
Most of us engage with Multi Factor Authentication on a fairly regular basis. Whether it be for work or play, MFA adoption amongst tech platforms has accelerated swiftly in recent years. This is because it is designed to provide an additional layer of security to...
ESET versus Bitdefender: Which is better?
Antivirus software offers computer users protection against cyber threats like viruses and malware. Whether you prefer an individual program or a suite of programs, there are many options to choose from when selecting an antivirus solution. Today we look at two of...
Cyber security news Apr 2023
With under a week of April remaining, we take a look back at this month's top security updates. Cyber security news Apr 2023 features a second zero-day cyber-attack against Google Chrome. We then turn to the NCSC for a piece on a...
Identity management day (April 11th, 2023)
Last week saw the arrival of the third annual 'Identity management day', and here we take a deeper look at this fledgling awareness day in the cyber security calendar. What is Identity Management Day? It is a day designed to educate IT decision makers and business...
Cyberthreat Defence Report 2022 (CDR)
Each year, there are numerous reports published on cyber security. In time, it is something we may explore ourselves at CRIBB - we're just a little too busy helping clients right now! - but we always pay attention to what is released. One we have been digesting this...
IT Backups: 6 Reasons backups are important
Last week, on March 31st, many people celebrated World backup day - did you? In honour of this awareness day, we look at the importance of making regular IT backups. If this is not part of your current security strategy, then you may want to change that... and here...
Cyber security news Mar 2023
As we near the end of the month, it is time for a look back at key stories from the world of cyber security. We begin with the US CISA's warning over Royal Ransomware's capabilities. We then cover the UK NCSC's new cyber security tools for small businesses. Finally,...
Zero trust security: Why it is important
Zero trust security is important because it represents a shift in security strategy. It moves from one that focuses on securing the perimeter to one that focuses on securing data and access to that data. Here we look at this in more detail. We also offer information...
Social engineering in cyber security
Last week we looked at cyber security for the Internet of Things (IoT). We asked how secure smart devices were, pointing out what users can do to mitigate the potential risks involved. Smart phones, for example, offer protection against malware but are not designed to...
IoT cyber security: How secure are smart devices?
IoT - aka 'The Internet of Things' - is a network of physical objects and smart devices which are embedded with sensors, software and connectivity. These devices collect and exchange data over the internet, which in turn means that IoT cyber security is vitally...
Cyber security news Feb 2023
It is the last day of the month and that can mean only one thing... It is time for cyber security news Feb 2023! For this latest round-up, we turn to The Hacker News. They are described as "the leading and go-to source for timely and relevant breaking news from the...