Entries by Stephen Jones

The 4 Most Common Ways Hackers Target Microsoft 365

Hackers love Microsoft 365 and they know exactly how to strike. From phishing scams to weak configurations and risky third-party apps, attackers are constantly probing for gaps. Learn the top four tactics that they use and how you can stop them before they stop you.

Preventing Abuse of Third-Party Integrations and OAuth Applications

Cybercriminals are exploiting third-party integrations and OAuth apps in Microsoft 365, targeting UK businesses with sophisticated consent phishing attacks. Without robust controls and user awareness, sensitive data is at risk. Discover how to protect your organisation with practical strategies for defending against one of today’s top M365 security threats.

Preventing Exploitation of Misconfigurations and Legacy Authentication

With over 80% of UK businesses relying on M365, cyber attackers are exploiting misconfigurations and legacy authentication at alarming rates. Strengthen your security by disabling outdated protocols, enforcing modern authentication, and adopting robust controls to protect your organisation from today’s most common Microsoft 365 threats.

Best Practices to Prevent Credential Theft and Account Takeover

Credential theft and account takeover are rising threats for UK organisations using Microsoft 365. Attackers exploit stolen credentials to access sensitive data, impersonate staff, and deploy ransomware. Implementing multi-factor authentication, robust password policies, and regular staff training are essential steps to protect your business from devastating breaches and reputational harm.

Protecting your M365 service from Phishing and Business Email Compromise Attacks

Phishing and Business Email Compromise remain the top threats targeting users of the Microsoft M365 service. By configuring the platform’s anti-phishing tools, enforcing Multi-Factor Authentication, educating staff to spot scams, and securing your domain against abuse, you can dramatically reduce the risk of compromise and keep critical communications protected from today’s most common and costly attacks.

Managing Cyber Risks: Essential Steps for SMBs in the UK

If you’re pursuing business success, managing cyber risk is crucial to avoid becoming a victim of cyber-crime. By collaborating with specialists like us, business leaders can leverage our experience and expertise to work out which cyber risks are a genuine concern, which are not, and, most importantly, how we can reduce the likelihood or impact of any incidents.

Why Adopting a Cyber Framework is Important

Cybersecurity isn’t just an IT issue—it’s a business-critical priority. Frameworks like ISO 27001 and NIST CSF empower leaders to protect their assets, build customer trust, ensure compliance, and drive growth. Discover how adopting these frameworks can transform cyber risks into strategic opportunities for resilience and success.

CIS Benchmarks (Centre for Internet Security Benchmarks)

Discover CIS Benchmarks – they’re globally recognised security guidelines designed to protect IT systems, software, and networks from cyber threats. Learn how these expert-approved recommendations enhance cybersecurity, ensure compliance, and safeguard digital assets with practical steps tailored to your organisation’s needs.

ISO 27001

ISO 27001 is the global standard for managing information security, offering a risk-based framework to protect sensitive data, prevent breaches, and ensure compliance. With its adaptable controls and focus on continuous improvement, it empowers organisations to enhance security, build trust, and gain a competitive edge in today’s digital landscape.

CIS Controls (CIS Critical Security Controls)

The CIS Critical Security Controls, developed by the Centre for Internet Security, are 18 domains globally recognised to bolster cybersecurity. Each domain is divided into three Implementation Groups (IGs) based on organisational size and complexity. These controls help manage vulnerabilities, safeguard data, and ensure compliance, offering scalable solutions to mitigate evolving cyber threats.

Cyber Essentials

Protect your organisation from 80% of common cyber threats with Cyber Essentials, a UK government-backed certification. Learn how its five key controls, two certification levels, and numerous benefits—like improved security, customer trust, and eligibility for government contracts—can safeguard your business. Stay secure and compliant today!

NCSC CAF (National Cyber Security Centre Cyber Assessment Framework)

Discover how the UK’s National Cyber Security Centre’s Cyber Assessment Framework (CAF) empowers organisations to strengthen cyber resilience. With flexible, outcome-based principles and a focus on critical services, the CAF offers a systematic approach to managing risks and ensuring essential functions remain secure. Read more to protect your systems!

PCI DSS (Payment Card Industry Data Security Standard)

Discover how PCI DSS safeguards payment card data, prevents fraud, and builds customer trust. Learn about its 12 security requirements, benefits of compliance, and the risks of non-compliance that could cost your business millions. Protect your reputation and operations with this essential security framework!

COBIT (Control Objectives for Information and Related Technologies)

Discover how COBIT, a globally recognised IT governance framework by ISACA, empowers organisations to align IT with business goals, manage risks, ensure compliance, and optimise performance. Learn about its principles, customisation options, and benefits for enhancing cybersecurity, efficiency, and regulatory adherence. Unleash the potential of your IT systems!

CSA CCM (Cloud Security Alliance Cloud Controls Matrix)

The CSA Cloud Controls Matrix (CCM) is a comprehensive cybersecurity framework tailored for cloud environments. Covering 17 domains with 197 controls, it aligns with global standards like ISO 27001 and GDPR, simplifying compliance, clarifying shared responsibilities, and strengthening security for organisations and cloud providers alike. Read more to explore its benefits!

Essential Eight

Want to protect your business from cyber threats but not sure where to start? Discover the Essential Eight — eight simple, powerful steps that can dramatically boost your organisation’s security. Read on to find out how these strategies can keep your data safe and your business running smoothly!

CMMC (Cybersecurity Maturity Model Certification)

The Cybersecurity Maturity Model Certification (CMMC) ensures organisations meet stringent cybersecurity standards to protect sensitive data. With three levels under CMMC 2.0, it aligns with NIST frameworks and mandates assessments for compliance. Discover how this essential certification safeguards security and boosts competitive advantage.

Fractional Cyber Leaders

In the UK, SMBs face growing cyber threats, especially AI-generated cyber attacks. Hiring part-time senior cyber professionals like virtual CISOs offers cost-effective expertise, proactive defence strategies, and compliance support. Discover how these professionals can safeguard your business against evolving risks and ensure robust cybersecurity. Read more!