The Security Innovation Europe Blog

Marc Dunlop

Recent Posts

How to Improve Security's Reputation Within Your Organisation

Posted by Marc Dunlop on Jan 16, 2017

Within many organisations, security gets a bad rep. Even with top-tier talent manning your security team, there are a handful of wider issues that limit their ability to improve the overall security of the organisation.

Thankfully, all is not lost. Security’s poor reputation usually stems from a lack of education; and by understanding the cyclical process that interferes with secure application development, you can take major steps to improve security’s reputation within your organisation.

Topics: Security Management, Software Development, Implementing Security

Why Organisations Should Run Security Tests More Often

Posted by Marc Dunlop on Jan 9, 2017

Many organisations stick to a rigid process of security testing, running costly manual tests on an infrequent basis. Whilst a handful of critical applications do require in-depth security testing, most applications would benefit from a more frequent, but less resource-intensive, approach to security.

Topics: Implementing Security

Why Shelfware Means Secure Development Processes Are Vital

Posted by Marc Dunlop on Dec 12, 2016

Shelfware (purchased software that quickly ends up shelved and unused) is a huge problem for large organisations, especially those attempting to roll out security programs.

In order to overcome the hurdle of shelfware, and ensure that your next security investment translates into meaningful security improvements, it’s vital to understand the relationship between application security tools and developer security training.

Topics: Software Development

8 Essential Components of an Effective Security Awareness Curriculum

Posted by Marc Dunlop on Nov 29, 2016

A security awareness curriculum is the vital first step in improving your security, helping you to raise organisation-wide awareness of the threats faced by your employees and business on a day-to-day basis.

Topics: Security Awareness

6 Reasons All Application Developers Need a Training Knowledgebase

Posted by Marc Dunlop on Nov 21, 2016

There's a missing link in your application security: a training knowledgebase. To help improve the efficacy of your security training roll-out, I'm exploring the purpose of a knowledgebase - and looking at six reasons for implementing one in your organisation.

Does It Actually Matter If Software is Built Securely?

Posted by Marc Dunlop on Nov 14, 2016

Don't bite my head off just yet.

Entertain the thought. Does it really matter if software is built securely? 

Do organisations need to worry about ensuring that their software is developed securely in the first place, or can they just protect against attacks by employing the latest technology: web application firewalls, application delivery controllers, automated scanners, and so forth?

3 Things Secure Application Developers Need From Your Security Team

Posted by Marc Dunlop on Nov 7, 2016

Struggling to improve your application security?

In most organisations, there's a serious disconnect between developers and security. Both teams work hard at their respective roles, but without the time and infrastructure necessary for effective collaboration, a significant number of bugs and vulnerabilities make it into finished applications.

To help you improve your application security, and reduce the costs of remediation, I'm looking at 3 things secure developers need from your security team.

Topics: Software Development, Implementing Security

How to Manage DDOS Attacks Against Your Organisation

Posted by Marc Dunlop on Oct 31, 2016

Are you struggling with repeated DDOS attacks against your organisation?

Not sure of the best way to move forward, or how to prevent them in the future?

Perhaps you just want to ensure that your organisation has the right processes in place to minimise a future attack's impact?

You'll want to read on.

4 Ways to Get Your Dev Team to Buy in to Your Application Security Program

Posted by Marc Dunlop on Oct 18, 2016

When you’re looking to improve application security within your organisation, it’s important to get buy-in across the company. You need to create a culture that prioritises security. However, it can be hard for developers to prioritise security, as they are judged on the functionality rather than the security of their code.

So today I’m looking at 4 ways to get buy-in from your dev team to help them prioritise application security as much as the rest of your organisation.

Topics: Security Management, Software Development

Should Your Organisation Be Worried About Ransomware?

Posted by Marc Dunlop on Oct 3, 2016

There's a new threat facing your organisation.

It uses never-before-seen tactics to get straight to the heart of your secure systems, compromising your valuable data and attempting to exploit your organisation for thousands of pounds.

Today, we're looking at the growing problem posed by ransomware - and offering a few actionable steps your organisation can take to protect itself against this new threat.

Topics: Security Management, Security Awareness, ransomeware