Security Innovation Europe Blog

How to Improve Security's Reputation Within Your Organisation

mdunlop@securityinnovationeurope.com (Marc Dunlop) — Mon, 16 Jan 2017 09:59:12 GMT

Within many organisations, security gets a bad rep. Even with top-tier talent manning your security team, there are a handful of wider issues that limit their ability to improve the overall security of the organisation.

Thankfully, all is not lost. Security’s poor reputation usually stems from a lack of education; and by understanding the cyclical process that interferes with secure application development, you can take major steps to improve security’s reputation within your organisation.

Why Organisations Should Run Security Tests More Often

mdunlop@securityinnovationeurope.com (Marc Dunlop) — Mon, 09 Jan 2017 05:31:00 GMT

Many organisations stick to a rigid process of security testing, running costly manual tests on an infrequent basis. Whilst a handful of critical applications do require in-depth security testing, most applications would benefit from a more frequent, but less resource-intensive, approach to security.

Why Shelfware Means Secure Development Processes Are Vital

mdunlop@securityinnovationeurope.com (Marc Dunlop) — Mon, 12 Dec 2016 08:56:35 GMT

Shelfware (purchased software that quickly ends up shelved and unused) is a huge problem for large organisations, especially those attempting to rollout security programs.

In order to overcome the hurdle of shelfware, and ensure that your next security investment translates into meaningful security improvements, it’s vital to understand the relationship between application security tools, and developer security training.

8 Essential Components of an Effective Security Awareness Curriculum

mdunlop@securityinnovationeurope.com (Marc Dunlop) — Tue, 29 Nov 2016 10:43:16 GMT

A security awareness curriculum is the vital first step in improving your security, helping you to raise organisation-wide awareness of the threats faced by your employees and business on a day-to-day basis.

6 Reasons All Application Developers Need a Training Knowledgebase

mdunlop@securityinnovationeurope.com (Marc Dunlop) — Mon, 21 Nov 2016 08:25:24 GMT

There's a missing link in your application security: a training knowledgebase. To help improve the efficacy of your security training roll-out, I'm exploring the purpose of a knowledgebase - and looking at six reasons for implementing one in your organisation.

Does It Actually Matter If Software is Built Securely?

mdunlop@securityinnovationeurope.com (Marc Dunlop) — Mon, 14 Nov 2016 11:02:20 GMT

Don't bite my head off just yet.

Entertain the thought. Does it really matter if software is built securely?

Do organisation's need to worry about ensuring that their software is developed securely in the first place, or can they just protect against attacks by employing the latest technology: web application firewalls, application delivery controllers, automated scanners, and so forth?

3 Things Secure Application Developers Need From Your Security Team

mdunlop@securityinnovationeurope.com (Marc Dunlop) — Mon, 07 Nov 2016 16:04:00 GMT

Struggling to improve your application security?

In most organisations, there's a serious disconnect between developers and security. Both teams work hard at their respective roles, but without the time and infrastructure necessary for effective collaboration, a significant amount of bugs and vulnerabilities make it into finished applications.

To help you improve your application security, and reduce the costs of remediation, I'm looking at 3 things secure developers need from your security team.

How to Manage DDOS Attacks Against Your Organisation

mdunlop@securityinnovationeurope.com (Marc Dunlop) — Mon, 31 Oct 2016 09:18:42 GMT

Are you struggling with repeated DDOS attacks against your organisation?

Not sure on the best way to move forward, or how to prevent them in the future?

Perhaps you just want to ensure that your organisation has the right processes in place to minimise a future attack's impact?

You'll want to read on.

4 Ways to Get Your Dev Team to Buy in to Your Application Security Program

mdunlop@securityinnovationeurope.com (Marc Dunlop) — Tue, 18 Oct 2016 08:03:01 GMT

When you’re looking to improve application security within your organisation, it’s important to get buy-in across the company. You need to create a culture that prioritises security. However, it can be hard for developers to prioritise security, as they are judged on the functionality rather than the security of their code.

So today I’m looking at 4 ways to get buy-in from your dev team to help them prioritise application security as much as the rest of your organisation.

Should Your Organisation Be Worried About Ransomware?

mdunlop@securityinnovationeurope.com (Marc Dunlop) — Mon, 03 Oct 2016 17:08:00 GMT

There's a new threat facing your organisation.

It uses never before seen tactics to get straight to the heart of your secure systems; compromising your valuable data and attempting to exploit your organisation for thousands of pounds.

Today, we're looking at the growing problem posed by ransomware - and offering a few actionable steps your organisation can take to protect itself against this new threat.