Passwords
NIST, like the NCSC have updated their password guidance. It is now no longer advisable to set them to be random strings of nonsensical letters, numbers and symbols. The focus is now on password length, by stringing together multiple words. Inclusion of uppercase, and symbols or numbers is still helpful, to make them even harder […]
DORA
The Digital Operational Resilience Act (DORA), the EU regulation that came into force in January 2025, and affects financial entities and their suppliers mandates Threat-Led Penetration Testing (TLPT), alongside Risk Management for third parties, information sharing and incident reporting. The full impact of DORA’s requirements is still be absorbed by the industries it affects, and […]
The Quantum Spectre at the Banquet
Quantum is tipped to be the next big thing in computers, and it has been for some time – in fact it was first conceived in the 1980s; however the issue was not really considered until the mid-1990s. Now, it’s seen as a potential game changer in the world of cryptography, where the world’s secrets […]
Prism Infosec Appoints Andrew Turner as Chief Commercial Officer
Cybersecurity consultancy Prism Infosec, with offices in Cheltenham and Liverpool, is pleased to announce the appointment of Andrew Turner as its new Chief Commercial Officer (CCO). Andrew brings a wealth of experience in cybersecurity and commercial leadership. He holds a degree in Computer Information Systems Design from Kingston University and most recently served as Vice President of Sales, EMEA at […]
Recent Breach News
Marks & Spencer and the Co-Op have suffered a brutal breach in the recent few weeks, the full scale of which is still unknown. It should be clear that whilst the attack has been attributed to SCATTERED SPIDER, a group made infamous for their breach of the MGM casinos in Las Vegas in September 2023[1], […]
The Cyber Security and Resilience Bill – April 2025
In the King’s Speech it was announced that further details would follow about the CSR Bill, and it looks like we now have the confirmed and proposed measures: Cyber Security and Resilience Bill: policy statement – GOV.UK These have been proposed by both MPs and the Department for Science, Innovation and Technology (DSIT) and backed […]
Prism Infosec Launches Vulnerability Remediation Service
Prism Infosec is proud to announce the launch of a remediation service line that will enable organisations to promptly implement effective fixes for vulnerabilities identified during engagements. The remediations service connects organisations with Prism Infosec’s team of IT and security experts to deliver tailored solutions that address vulnerabilities while ensuring compliance with industry standards and […]
Prism Infosec Achieves CBEST Accreditation
Prism Infosec, an established CHECK accredited Penetration Testing company, is pleased to announce that we have achieved accreditation status as a Threat-Led Penetration Testing (TLPT) provider under the CBEST scheme, the Bank of England’s rigorous regulator-led scheme for improving the cyber resiliency of the UK’s financial services, supported by CREST. This follows our recent accreditation […]
DORA – What Does it Mean for Business?
The Digital Operational Resilience Act (DORA) is a European legislative act that will be applied from the 17th of January 2025 and will apply to all financial entities (except for microenterprises). It is designed to strengthen European financial entities against cyber-attacks and ICT (Information and Communication Technology) disruptions. The full original text (in English) can […]
Capitalising on the Investment of a Red Team Engagement
Cybersecurity red teams are designed to evaluate an organisation’s ability to detect and respond to cybersecurity threats. They are modelled on real life breaches, giving an organisation an opportunity to determine if they have the resiliency to withstand a similar breach. No two breaches are entirely alike, as each organisation’s organic and planned growth of […]