Cyber Security News and Insights

Explore learnings from our team

Why it’s critical to consider relationships when building risk reports

If you manage risk, one vital part of your job is reporting your project’s status and results to other groups: the board, management, and external auditors. And when building reports, risk managers must pay careful attention to the relationships of the intended audiences.
Read More

Celebrating Ten Years of 2T Security

We typically don't divulge much of our work, partly because we're security professionals, but also because we've been focused on building an exceptional business. Nevertheless, we are incredibly proud of our team, clients, and delivery. We want to express our gratitude to all those who have been a part of our journey.
Read More

Principles are good, but exceptions are OK

Recently we discussed the security of RiskTree with a client, who ran through the NCSC Cloud Security Principles. Since RiskTree is delivered as software-as-a-service, this made sense. One point that arose was the lack of Multi-Factor Authentication (MFA) in use: CSP Principle 10 states that 2FA is ‘considered good practice’, using either a hardware or software token or out-of-band challenge.
Read More

8 Reasons Not to Use Spreadsheets for Risk Management

In this article, we explore 8 reasons to stop using spreadsheets to manage risk, and the additional threats this approach to risk management subjects businesses to. We also suggest a better, cost-effective alternative to spreadsheets.
Read More

Tips for successfully implementing a risk analysis program at your organisation

There’s a lot that you can do, and I’m sure there’s a lot that you aspire to do. But get an understanding of where you stand today, where you need immediate improvement, and where you hope to immediately see value. This will get you on the front foot. More tips...
Read More
News Categories:
News Categories: