Fox Red Risk
The Cyber Security and Data Protection Consultancy
Category: CISO Blog
Category: CISO Blog
Morrisons NOT vicariously liable for employee data protection breach says UK Supreme Court
Firstly – This is legal information of general interest and does not constitute legal advice of any kind. On April 1, 2020, the UK Supreme Court today handed down their judgement in the case of WM Morrisons Supermarkets plc (Appellant) v Various Claimants (Respondent), case UKSC 2018/0213. The Supreme Court unanimously ruled that Morrisons were not
Read More
Coronavirus Load balancing – Understand it can’t be stopped. We’re just smoothing the peaks in demand.
Similar to the way your IT teams will be trying very hard to load balance the impact of all your extra remote working VPN connections, the government is trying to load balance the impact on the health service and the economy…keep calm and read on!
Read More
Calculating Risk – Where’s your Confidence?!
When helping organisations navigate risk management Fox Red Risk is often faced with the task of determining methods for calculating risk. We prefer to use tried and tested methodologies but what we often find is that organisations, very rarely, are calculating risk properly. A key thing missing from the majority of implementation we see is
Read More
Virtual CISO – Dispelling the Myths!
The virtual CISO or virtual Chief Information Security Officer is a relatively new concept and with that comes a few misunderstandings of what the client actually gets (i.e. solid cybersecurity protection for your business). The word “virtual” probably doesn’t do us any favours but let’s look at some of the more common misconceptions about a
Read More
Cybersecurity Skills Gap – Who is doing the teaching…and who should provide the funding?
It seems like every other day there is yet another article highlighting the impending apocalypse of the cybersecurity skills gap. The articles often moan that it is the fault of the employer for wanting qualified personal (who knew) and then try to solve the problem essentially with the advice: Why not hire someone who wants
Read More
Asset Discovery for Cybersecurity & Data Protection – You can’t protect it if you don’t know it exists!
There is an old management adage that what isn’t measured isn’t managed. It’s so true. Something similar applies to cybersecurity. If you don’t know an asset exists, how on earth can you protect that asset from a cyber-attack or data breach?! Asset Discovery is the number one exercise a new CISO (or Virtual CISO) should
Read More
Supply Chain Resilience – Who are your Backup Suppliers?
Is your supply chain resilience programme reminiscent of the article image? Aged, poorly maintained, complex, hard-to-untangle. Do you carry out due diligence at the beginning of your engagements? More importantly, do you carry out ongoing governance and oversight? Even more importantly, does supply chain resilience form part of your wider operational resilience strategy or business
Read More
SWIFT independent assessment – have you booked yours?
The SWIFT independent assessment regime will kick in later this year. Have you booked in your assessment? If not, Fox Red Risk has some availability to carry out assessments. Remember the SWIFT payments attacks a few years back? As a reminder In 2015 & 2016, a series of cyberattacks using the SWIFT banking network, which
Read More
API Security – Are You Secure from OWASP 2019 Top 10?
Firstly, Happy New Year. 2020 is going to be an exciting year for Fox Red Risk. We have lots of cool new offerings in the pipeline to support businesses large and small in the thankless task of keeping secure. If you have resource gaps and need support, then let us know. Right, back to the
Read More
Security Incident Avoidance – Hackers know we’re away for Christmas…
It’s that time of year where many of us will be ensuring our organisations can still deal with a security incident whilst most of the workforce are at home watching Christmas movies like Die Hard – yes, it’s definitely a Christmas Movie. Hackers know businesses are running on skeleton staff during the holiday period so
Read More