We Rise... The Year of the Dragon

Happy Chinese New Year! This year is the year of the Dragon, and we are taking that energy into this year here at PocketSIEM and th4ts3cur1ty.company.

February was a busy time for breaches, but also a busy time for takedowns of threat actors. The Lockbit ransomware group was taken offline and disrupted for a short period by a partnership that included the NCA in the UK, the FBI, and partners from nine other countries, proving that even ransomware groups find vulnerability patching hard (there was a flaw in PHP was the reasoning they gave). As well as Lockbit, the FBI dismantled the Warzone RAT malware operation, although this wasn't as widely reported.

The latest release of the NIST Cybersecurity Framework, which is now aimed at all businesses, not just critical national infrastructure is a major update. If security and compliance are on your agenda, NIST is likely a framework you will recognise. The new update makes it applicable for businesses of any size - could this mean that future legislation is coming for businesses later down the line?

For th4ts3cur1ty.company, as well as releasing DracoEye last month, our free tool for the security community, we also announced FrankenSOC as a new SOC service last month. You can now bring your SIEM to our SOC Service, as an alternative offering to PocketSIEM.

I also had a massive surprise last month when I won an award as Most Inspiring Women in Cyber Security alongside 19 other incredible women in the industry. Although I have been heavily involved in organizing cyber conferences ( BSides Lancashire and BSides Leeds for almost two years) and recruiting for cyber talent for almost 10 years, I only consider myself to be "properly working in cyber" since joining th4ts3cur1ty.company last October, so to be nominated and to be recognised as inspiring is incredibly humbling.

So now is probably a good time to talk about what I do at th4ts3cur1ty.company

My role is described as a magical genie role and keeps me busy every day. I am customer-focused, helping customers of all shapes and sizes identify their security challenges, and looking to provide the right security solution.

For example, one morning I could be speaking to a scientific organisation who have a technology roadmap, but security is a new focus for them. For that business, we may discuss a risk and maturity assessment, which helps them identify where they are in terms of cyber maturity, where they want to be, and a plan to get to that point. On the next call, I could be speaking to a customer about our PocketSIEM solution, on either a 24/7 (Platinum) basis or 1 hour a day (Silver) service.

That same day I might be scoping out a penetration test, with one of our Security Consultants, and pulling together the proposal and SoW as part of that sales process. Another popular piece of work is a Cyber MOT, which is a smaller high-level security assessment that assesses a business's processes and makes recommendations. My days are full and varied!

Just some of the amazing places you will find us over the next two months!

If you are stuck with your cyber strategy, need some advice as to where to start with securing your business, or have the budget for pen testing or a SOC service, then do drop me a message. I am always happy to chat!