| Website | https://cydea.com |
| OS Projects | https://cydea.tools |
| Other socials | https://linktr.ee/cydea |
What is FUD, why is it so prevalent in cyber security, and how can you take a more positive approach?
Archie Coomber takes a dive into human nature and how it may be hindering your decision making in our recent blog post: https://cydea.com/blog/why-so-much-fud/
What is "likely?" 🤔
This is what #BSides Exeter thought... ignoring the 0% trolls, "likely" means anywhere between ~30% and ~90% to the 50+ people that voted in our poll.
If you're struggling to communicate your #CyberRisk or don't feel like you're being heard, Cydea can help. Turn ambiguous statements into meaningful numbers that can underpin security programmes, investment cases, or show the benefit you're bringing to the business.
Whew! What a jam packed three days.
Some of our key takeaways from the conference,
AI:
Not quite the ‘AI in cyber show’. A lot of vendors have integrated AI, using marketing terms such as ‘AI-reinforced’, but we didn’t see AI products built from the ground up, apart from in the start-up zone. AI felt like a substitution for ‘automation’ without an insight into the wider benefits.
Zero Trust:
Once a hot topic in the industry, zero trust was noticeable by its absence in strap-line marketing. It is now just on the features list, which indicates it has made its way through the hype phase and is accepted as standard for how things are done now.
Risk:
Risk is still a word you see a lot, but in the context of output from technical tools and/or services. Products around risk assessment and management are still few and far between. The 5x5 risk matrix and RAG statuses continues to dominate product dashboards.
Thank you to everyone who stopped by to chat to us, we hope you enjoyed the Cyber 100 Club with us.
If you missed the conference but want to chat, get in touch either here or by emailing [email protected]
If you’re at #Infosec2024 next week then we'd love to speak with you and offer you a break and chance to recharge.
We would love to catch up with our connections and have the perfect opportunity at the Cyber 100 Club next door.
It’s only a minute’s walk from ExCel, away from the hustle and bustle of the main exhibition, and you can enjoy hot and cold food, and a selection of beverages on us!
Whether you want to talk about your cyber risk programme, or just catch up, we’d love to see you.
Schedule a meeting: https://docs.google.com/forms/d/e/1FAIpQLSc1wKLm1_rWXDjV7XiVLC0wilmeXTTZ2e8rcUVTXAe07Y1ZPw/viewform?usp=sf_link
Niall McElroy, David Rankine and a few other members of the Cydea team will be descending on ExCel for Infosecurity Europe 2024 next week. Cydea won't have a stand in the main venue, instead we're sponsoring the Cyber 100 Club, in the Novotel next door from 12-8pm on Tuesday 4th and Wednesday 5th June. Join us and enjoy a bite to eat in the lounge or drink on the terrace when the conference becomes a bit too over (or under) whelming. Cyber 100 Club provides a quiet space away from the crowded and noisy environment of the main Infosec exhibition floor. Take a comfortable seat and catch up with peers and technology luminaries, with complimentary hot and cold food and non/alcoholic beverages. If you’d like to join us there in between talks at the main conference to chat about anything and everything, let us know.
Suffering from blank page syndrome with your cyber risk assessments?
Getting started with mapping your risk can be challenging. Whether that’s understanding what matters, calculating the probabilities of certain risks occurring or getting the right stakeholders involved to get their input.
We’ve taken our collective years of experience to create a simple to use library of common risk scenarios, complete with guidance on where to ask for the information you need to make a decision. Nice and easy!
Get started today! https://cydea.com/platform/
Security Operation Centres (SOCs) are an important source of situational awareness and operational capability for organisations. They need to be built on a foundation of clear mission, skilled people, robust processes, and technology fed with the right data.
We can help you understand if you have the right capabilities, coverage and competencies to match the risk profile of your business. Then our pragmatic, actionable recommendations will help to improve the effectiveness and efficiency of your SOC and improve your return on investment.
Contact us to find out about how we can help you:
Define your detection and response strategy
Example the business case for in or out-sourcing
Conducting a performance assessment of your existing SOC
Visit https://cydea.com/services/security-operations-advisory/
Many people have told us that conducting risk assessments is a chore. They end up spending more time managing spreadsheets than managing risk.
Cydea Risk Platform makes it easy for security teams to conduct a risk assessment with input from their business and technology colleagues.
The result is a shared, quantified understanding of the cyber risk the business faces and clear investment cases to tackle that risk.
Get started today! 👉https://cydea.com/platform/
We’re on the lookout for a Senior Consultant, so if you or anyone you know has a few years consulting experience, please take a look!
What we offer:
🙌 A truly collaborative approach to consulting
🔀 Working at the intersection of security and the business
🛠 The right tools to get on and deliver for our clients
⚖ Work/Life Balance
Find out more and apply: https://cydea.com/careers
We’ve shared lots of exciting content from our launch of the Cydea Risk Platform.
But why should you sign up and close the loop on cyber risk?
Simply:
Track and manage your risk.
Improve cyber risk conversations.
Comply with frameworks.
Learn from security incidents.
Head to the comments to get started today!
There are some big, well documented problems with 5x5 risk matrices (or ‘PIGs’ as we like to call them!🐖) We think they hinder, rather than help, communication.
Cydea Risk Platform helps achieve better security outcomes, such as improved communication between security, technology and business teams.
That’s why, when you open an assessment, you see an easy to understand ‘loss exceedance curve’. It shows you the aggregate risk of all your scenarios in your assessment. Clear, easy-to-digest visuals of your overall risk posture, and how it relates to your risk tolerance.
No more ‘how many ambers make a red’ or trying to mix colours. 🟥+🟨+🟩🟰🟫
If you’ve struggled to get buy-in for cybersecurity investments, or demonstrate the value in your security programme, then cyber risk quantification can help you achieve those goals (and much more!).
Plus you can import your existing risk register to get started in no time at all.
Get started today! cydea.com/platform
