Category: Uncategorized

IAM vs PAM vs IGA – what is the difference?

Identity security is now a cornerstone of enterprise cyber defence, particularly in the UK where regulatory pressure and threat levels continue to rise. Security teams often hear three related but distinct terms: IAM (Identity and Access Management), PAM (Privileged Access Management), and IGA (Identity Governance and Administration). While they overlap, each addresses different layers of…

Read More

JWT

JSON Web token (JWT) is an open standard (RFC-7519) that defines a compact self-contained way for securely transmitting information between parties as a JSON object. The format is intended for use in space constrained environments, such as HTTP authorization headers and URI query parameters. JWTs encode claims transmitted as JSON objects contained as a payload…

Read More

Transport Layer Security (TLS)

Transport Layer Security (TLS) is a cryptographic protocol that protects data when it is transferred between devices over a network. It is commonly used to secure web-based applications over the internet. Given the explosion in cloud services, mobile computing and IoT devices, the underlying technology to secure the data in transit has become of critical…

Read More

NCSC to update Cyber Essentials

The National Cyber Security Centre (NCSC) is planning to update the technical controls of its Cyber Essentials scheme in the new year. It has indicated that it will introduce an updated set of requirements on 24 January in the biggest overhaul since the scheme was first launched in 2014. The review comes in response to…

Read More

DNS Threats

As the world becomes more dependent on technology, the underlying architecture becomes even more important. A key, often hidden (or simply overlooked) technology is Domain Name Service. DNS is the service that gets you there. Or to put it in technical terms… the service that resolves a URL into an IP address to enable network…

Read More

What is TPRM?

Imagine a world where people demand data on any device, from any location, 24/7.  To deliver this level of service, businesses are deploying cloud architecture for almost everything. But shadowing these decisions is the largest annual increase in successful cyber-attacks within the last six years, and when seen alongside a global shortage of IT security experts…

Read More

Securing UK systems for Brexit

As part of Brexit negotiations, our consultation work with the Cabinet Office and the European Union was vital in ensuring that all shared IT Services between the UK and EU were identified and technically documented. As part of the scoping work of the UK Free Trade Agreement and the Northern Ireland Protocol, it was critical that…

Read More