We called out Anthropic's Cyber Verification Program this morning as opaque gatekeeping. Then we applied. Approval came in under an hour. A Cyber Essentials cert and three honest sentences about what you actually do were sufficient. If you do legitimate security work and haven't applied -- the barrier is lower than it looks. https://open.substack.com/pub/sovereignauditor/p/if-you-dont-ask-youll-never-find

#CyberSecurity #CyberEssentials #Anthropic #Claude #AI #InfoSec #DataProtection #IsleOfMan

If You Don't Ask, You'll Never Find Out.

Anthropic's Cyber Verification Program: what it actually takes to get approved.

The Sovereign Auditor

Ireland's NCSC says defenders have the advantage. Their own director told the Oireachtas it's a race the frontier moves every week. Both true. Together they define a window. At Present -- on the Mythos moment and what "at present" actually means. https://open.substack.com/pub/sovereignauditor/p/at-present

#CyberSecurity #AIGovernance #Mythos #CyberEssentials #DataSovereignty

At Present

“At present the advantage is with cyber defenders.”

The Sovereign Auditor

Zero detections across 69 AV engines for a credential stealer delivered via a fake Windows Update site. WiX MSI, Electron wrapper, hidden Python runtime. Every layer legitimate. The evasion is architectural, not accidental. "We have AV" is not a compliance answer -- here's what is. https://sovereignauditor.substack.com/p/zero-detections-does-not-mean-clean

#infosec #cybersecurity #CyberEssentials #patchmanagement

Zero Detections Does Not Mean Clean

A fake Windows Update site is delivering a credential stealer that 69 antivirus engines missed entirely. The technical construction is deliberate and instructive.

The Sovereign Auditor

Today @bergerode_cyber are at the latest Lancashire Partnership against Crime expo, Ewood Park, Blackburn Rovers

Come and see us!

#cyberessentials
#cyberessentialsplus
#defencecybercertification

The Haunted Lighthouse Limited has achieved Cyber Essentials certification (whole organisation scope).

Assessed under the IASME scheme, aligned with the UK National Cyber Security Centre baseline controls. Sensible fundamentals: patch management, MFA, least privilege, secure configuration, and disciplined backup practices.

Not glamorous, just solid security hygiene.

The lighthouse is officially audited.

#CyberEssentials #IASME #NCSC #CyberSecurity #InfoSec #SmallBusiness #PrivacyFirst

Providing some helpful and constructive feedback on the UK's Cyber Essentials scheme, a set of controls to ensure organisations have a base level of IT security.

That's right kids, full disk encryption for laptops is not considered a bare minimum of #infosec for #CyberEssentials.

To all my UK infosec fedi-friends, I've been thinking of upgrading my company's Cyber Essentials certification to the Plus version.

The auditing company I reached out to would be expecting us to install a proprietary end-point monitoring application, which I'm really not keen to do.

Does anyone know of a company that would carry out the auditing in any different way, e.g. via an open source app?

#uk #infosec #CyberEssentials

I've been enquiring about upgrading my company's #CyberEssentials certification to CE Plus, which would involve undergoing an actual audit by a third-party organisation. The auditing company I spoke to said I would need to install a proprietary endpoint detection thingy (from Qualys...?), which I would be extremely reluctant to do. I wonder if I could use an open-source alternative instead, perhaps one of the Greenbone open-source products...

#InfoSec #CyberSecurity

@BergerodeCyber are at the Lancaster District Business Support Expo 2025 hosted at the Platform in Morecambe via Lancaster City Council & Lancaster and Morecambe District Chamber of Commerce

Come & see us & our new banners & get some free swag

#CyberEssentials
#CyberEssentialsPlus

Healthcare practices are under cyber siege.

Ransomware, phishing, stolen records… and all while trying to run a clinic, not a data centre.

The reality? Patient records are gold to attackers. But most GP surgeries, dental clinics, and therapists don’t have enterprise IT teams or endless budgets.

✅ MFA
✅ Backups
✅ Staff training
✅ A risk-based plan
✅ A bit of guidance from someone who gets it

You can do cybersecurity without breaking the bank – and without losing focus on care.

Need help getting there? I speak fluent “healthcare on a budget.” Let’s talk 👽

https://paulreynolds.uk/cybersecurity-for-healthcare-providers/

#CyberSecurity #HealthcareIT #DSPToolkit #GPPractices #CyberEssentials #RiskManagement #YDC #PatientData #SmallBusinessSecurity

Cybersecurity for healthcare providers - Protecting Patient Data - Paul Reynolds Cyber Security

Learn how healthcare providers can implement cybersecurity on a budget - protecting patient data, meeting compliance, and staying resilient.

Paul Reynolds Cyber Security