🔍 “From Fear to Trust.”
Jimmy Tsang (CMO @MIND) joins our new Humans in Cyber series to explain why empathy, not anxiety, will define the future of data protection.

Humans lead - AI supports.

💬 What’s your perspective? Can emotional intelligence reshape cybersecurity culture?
Follow @technadu for more interviews with cybersecurity innovators.
Full Details:
https://www.technadu.com/from-fear-to-trust-why-the-future-of-cybersecurity-depends-on-positivity/611142/

#HumansInCyber #CyberLeadership #MindDLP #CyberTrust #EmpathyInTech #AIinSecurity #PositiveSecurity

What is FUD, why is it so prevalent in cyber security, and how can you take a more positive approach?

Archie Coomber takes a dive into human nature and how it may be hindering your decision making in our recent blog post: https://cydea.com/blog/why-so-much-fud/

#PositiveSecurity #FUFUD #Cyber #Risk #DecisionMaking

Only 1/3 of UK businesses have ever conducted a cyber risk assessment 😮

Plus we often hear from IT and Security Teams that struggle to know what makes a *good* risk assessment?

This is despite risk being widely regarded as the foundation for any cyber security programme. It features in government guidance, international standards, and wider good practice.

So we're starting a new series on the Cydea blog looking into just that. Plus tips and tricks on how you can up your #cyber #risk game (and maybe sneak in a bit of #CRQ too 🤑)

Check out the link below to the first part where we touch on preparation and (briefly) identifying risk - then make sure you're following Cydea for future updates!

What makes a good risk assessment? >> https://cydea.com/blog/what-makes-a-good-cyber-risk-assessment/

#PositiveSecurity #CyberRisk #InfoSec

Hop in the Cydea time machine and take a ride with us as we take a look at how #DORA could have changed history 🕰️

Penny takes a look at the Travelex and Tesco Bank incidents and how #risk management and #resilience testing could have played an important role in preventing and rebounding from those incidents.

Check out her blog post here: https://cydea.com/blog/dora-changing-history-improving-resilience/

#PositiveSecurity #CloseTheLoop #ContinualImprovement #Cyber

Penny's back with the next in our digital operational resilience series, this time looking at the differences between #DORA and #ISO27001.

Complying with a risk-based standard like ISO 27001 gets you a long way there, but there are still areas where you may need to do more.

Check out the Penny's blog post for the key differences between DORA vs ISO 27001, and for a link to Cydea's free DORA Readiness Quiz!

👉 https://cydea.com/blog/dora-differences-vs-iso-27001/

#PositiveSecurity #Cyber #Resilience #Compliance

Join us at #RISK, the UK’s premier event for governance, risk, and compliance, in just over a month!

You'll find @cydea at booth 73 (next to the coffee ☕️) discussing ways to improve cyber risk conversations, and showing off our Risk Platform!

Plus, don't miss @rto on 10th October in the Risk Theatre at 12:00: "Quantifying Cyber Risk: Tools and Techniques for Better Decision Making"

You can book your free ticket here: https://buytickets.at/grcworldforums/1109182/r/cydea

#CyberRisk #PositiveSecurity #CloseTheLoop #CRQ #RISKLondon

"Security teams are struggling to conduct accurate risk assessments and communicate the results with business and technology colleagues. They find simple questions like 'what is our risk?' difficult to answer meaningfully."

Check out this interview with Cydea founder Robin Oldham about why we need to change how we understand #cyber #risk

https://betanews.com/2024/07/31/why-we-need-to-change-how-we-understand-cyber-risk-qa/

#CloseTheLoop #PositiveSecurity #CRQ

What is "likely?" 🤔

This is what #BSides Exeter thought... ignoring the 0% trolls, "likely" means anywhere between ~30% and ~90% to the 50+ people that voted in our poll.

If you're struggling to communicate your #CyberRisk or don't feel like you're being heard, Cydea can help. Turn ambiguous statements into meaningful numbers that can underpin security programmes, investment cases, or show the benefit you're bringing to the business.

https://cydea.com/platform/

#PositiveSecurity #CloseTheLoop #CRQ #Cyber

From lecture halls to client calls...

Ridhwaan shares his journey from studying at Leeds Beckett University to a #consulting career with @cydea where he's helping to secure critical national infrastructure 💡

https://cydea.com/blog/from-lecture-halls-to-client-calls-getting-started-in-consulting/

#PositiveSecurity #Careers #Cyber

*️⃣ UPDATED: If your boss is asking "what does it mean?" about Friday's #CrowdStrike incident, or you need to circulate a briefing to your peers, you'll hopefully find a useful summary and some broader considerations in our risk advisory:

https://cydea.com/blog/advisory-crowdstrike-blue-screen/

#PositiveSecurity #CloseTheLoop #CyberRisk

Whew! What a jam packed three days.

Some of our key takeaways from the conference,
AI:
Not quite the ‘AI in cyber show’. A lot of vendors have integrated AI, using marketing terms such as ‘AI-reinforced’, but we didn’t see AI products built from the ground up, apart from in the start-up zone. AI felt like a substitution for ‘automation’ without an insight into the wider benefits.

Zero Trust:
Once a hot topic in the industry, zero trust was noticeable by its absence in strap-line marketing. It is now just on the features list, which indicates it has made its way through the hype phase and is accepted as standard for how things are done now.

Risk:
Risk is still a word you see a lot, but in the context of output from technical tools and/or services. Products around risk assessment and management are still few and far between. The 5x5 risk matrix and RAG statuses continues to dominate product dashboards.

Thank you to everyone who stopped by to chat to us, we hope you enjoyed the Cyber 100 Club with us.

If you missed the conference but want to chat, get in touch either here or by emailing hello@cydea.com

#PositiveSecurity #CloseTheLoop #infosec2024

If you’re at #Infosec2024 next week then we'd love to speak with you and offer you a break and chance to recharge.

We would love to catch up with our connections and have the perfect opportunity at the Cyber 100 Club next door.

It’s only a minute’s walk from ExCel, away from the hustle and bustle of the main exhibition, and you can enjoy hot and cold food, and a selection of beverages on us!

Whether you want to talk about your cyber risk programme, or just catch up, we’d love to see you.

Schedule a meeting: https://docs.google.com/forms/d/e/1FAIpQLSc1wKLm1_rWXDjV7XiVLC0wilmeXTTZ2e8rcUVTXAe07Y1ZPw/viewform?usp=sf_link

#PositiveSecurity #CloseTheLoop

Security Operation Centres (SOCs) are an important source of situational awareness and operational capability for organisations. They need to be built on a foundation of clear mission, skilled people, robust processes, and technology fed with the right data.

We can help you understand if you have the right capabilities, coverage and competencies to match the risk profile of your business. Then our pragmatic, actionable recommendations will help to improve the effectiveness and efficiency of your SOC and improve your return on investment.

Contact us to find out about how we can help you:

Define your detection and response strategy

Example the business case for in or out-sourcing

Conducting a performance assessment of your existing SOC

Visit https://cydea.com/services/security-operations-advisory/

#PositiveSecurity #SOC #SecurityOperations #MDR #EDR

We’re on the lookout for a Senior Consultant, so if you or anyone you know has a few years consulting experience, please take a look!

What we offer:
🙌 A truly collaborative approach to consulting
🔀 Working at the intersection of security and the business
🛠 The right tools to get on and deliver for our clients
⚖ Work/Life Balance

Find out more and apply: https://cydea.com/careers

#PositiveSecurity #ConsultingJobs #CyberRisk

Kaluza’s technology empowers some of the biggest energy retailers to better serve millions of customers and help them transition to net-zero.

Michelle spoke at our launch event about why she’s excited for the Cydea Risk Platform and the impact it’ll have on risk management across her organisation.

Get started today to:
📉Tangibly demonstrate how your security efforts directly reduce the risk faced by your business
✍️Identify and make ROI-driven decisions in business proposals
🏢Tie cyber into organisation-wide risk management strategies

https://youtu.be/JX5s1O3n174

#CloseTheLoop #CRQ #PositiveSecurity #CyberRisk

We’ve shared lots of exciting content from our launch of the Cydea Risk Platform.

But why should you sign up and close the loop on cyber risk?

Simply:
Track and manage your risk.
Improve cyber risk conversations.
Comply with frameworks.
Learn from security incidents.

Head to the comments to get started today!

#CloseTheLoop #CRQ #PositiveSecurity #CyberRisk

There are some big, well documented problems with 5x5 risk matrices (or ‘PIGs’ as we like to call them!🐖) We think they hinder, rather than help, communication.

Cydea Risk Platform helps achieve better security outcomes, such as improved communication between security, technology and business teams.

That’s why, when you open an assessment, you see an easy to understand ‘loss exceedance curve’. It shows you the aggregate risk of all your scenarios in your assessment. Clear, easy-to-digest visuals of your overall risk posture, and how it relates to your risk tolerance.

No more ‘how many ambers make a red’ or trying to mix colours. 🟥+🟨+🟩🟰🟫

If you’ve struggled to get buy-in for cybersecurity investments, or demonstrate the value in your security programme, then cyber risk quantification can help you achieve those goals (and much more!).

Plus you can import your existing risk register to get started in no time at all.

Get started today! cydea.com/platform

#CloseTheLoop #CRQ #PositiveSecurity #Cyber

Wow! What a night! Thank you to everyone who joined us at Soho Hotel last night to celebrate the launch of Cydea Risk Platform, a software-as-a-service solution that:

⏱️ radically accelerates cyber risk and compliance programmes,

💰 quantifies and models risk in monetary terms, and

🤝 improves communication and decision making between business, IT and security teams.

We can’t wait for you to get your hands on the platform, and start closing the loop on cyber risk. Check out https://cydea.com/platform/ find out more and get started, or send us a message to arrange a time to find out more!

#PositiveSecurity #CloseTheLoop #CyberRisk #CRQ #Cyber

What’s on the horizon? 🔜

We’ll be launching something new soon. Stay tuned! 👀

#PositiveSecurity #RiskManagement

The NCSC’s Cyber Assessment Framework (CAF) is an initiative aimed at helping organisations running essential services and critical infrastructure achieve an appropriate level of cyber resilience.

We believe in the principles of CAF and view the assessment as a great framework to help build cyber reliance in your organisation, however we also appreciate the level of detail required (in addition to BAU) means that sometimes you need a partner to share the load.

Why not make that partner us? https://cydea.com/services/ncsc-caf-cyber-assessment-framework/

#PositiveSecurity #CAF #NCSC #CyberAssessmentFramework