All Blog Posts

A Counter-Espionage Approach to Corporate Security Management

In order to spot the tell-tale signs of espionage, the security team needs to not only be well-versed in the science of counterespionage, but also in the conduct of industrial espionage. From this theoretical standpoint they can make better sense of the evidence they have gathered. In short: it takes a spy to catch a spy.
Posted: 27 February 2014 by Optimal Risk Admin | with 0 comments

Breaching the Human Firewall Part 1

‘Human firewall’ testing that we have conducted for many organisations, as part of more elaborate red team exercises has proved that the human element is typically taken for granted as a weakness in organisations’ defence but most are left with significant gaps in their perspective of how deep the problem is and what they should do about it.
Posted: 13 February 2014 by Optimal Risk Admin | with 0 comments

Security vs Defence: Time to move on.

an active defence strategy is built on the assumption that effective defence requires a pre-prepared, active plan to deter, ‘counter-act’, or engage threats as part of a specific doctrine.
Posted: 6 February 2014 by Optimal Risk Admin | with 0 comments

Being Prepared and Risk Informed

Ultimately, the justification for adopting a pre-emptive and proactive approach must be to enable better risk-informed decision-taking. A comprehensive evaluation of cyber risk requires a meticulous approach to mapping an organisation’s assets and processes before modeling risk against them, and there are few methodologies that are fully evolved to accomplish this.
Posted: 28 November 2013 by Optimal Risk Admin | with 0 comments

Reflecting on Cyber Threat Summit 2013

Optimal Risk was proud to sponsor this years CTS 2013. Optimal Risk was proud to sponsor this years Cyber Threat Summit, which is now a virtual global event. We presented on two topics highlighting in two parts that If you are not prepared then you should start - and if you think you are then you should test your defence to be sure and reassured. Your customers and shareholders will be too.
Posted: 29 October 2013 by Optimal Risk Admin | with 0 comments

Addressing Espionage in Cyber Awareness Month

If companies start with the assumption that they have been the victim of espionage, and that data is still being exfiltrated consistently, then they will quickly change their security dialogue & agenda considerably. For many firms it is complex to look for evidence of victimhood unless they bring in specialists.
Posted: 16 October 2013 by Optimal Risk Admin | with 0 comments

Converged Security Risk: Supply Chain and Downsizing Scenarios

In summing up the lessons of the day, the Chairman highlighted that converged security planning needs to consider plausible threats, beyond just ‘the probable’ specifically in relation to the insider threats from bad practice as well as bad intent. He also drew attention to the principle that planning for converged threats should be characterised by a reluctance to simplify the process, and by a proactive approach to maintaining greater awareness of threats, and anticipating their impacts.
Posted: 7 October 2013 by Optimal Risk Admin | with 0 comments
Displaying results 8-14 (of 30)
 |<  <  1 2 3 4 5  >  >|