Halkyn Security Blog
Specialist Security & Risk Management Consultants

Posts by Halkyn Security

Memory analysis in incident response – never leave home without it

Memory analysis supports incident response in ways people never consider

Incident response is often a stressful, high-pressure situation. Responders are desperately trying to claw together information. All around them the world is collapsing. Furthermore, everything important seems to be deleted or obfuscated. Yet it is not all doom and gloom. They have memory analysis. Life can be hard for the incident responder. You are faced […]

Read More

Christmas – Seasonal Shutdown

Christmas – Seasonal Shutdown

Merry Christmas Halkyn Consulting will enter its Christmas shut down period on Friday 22 Dec. We remain closed to new business until Tuesday, 2 Jan 2018. As always, existing customers can still engage us through the normal means. So all that remains now is for us to wish all of you a Happy Solstice, Merry […]

Read More

Checklist or your memory, is one better?

Checklist or your memory, is one better?

Quite rightly, security professionals are proud of how much information they hold in their heads. There is no doubt that to be effective you need to have immediate access to lots of different concepts. However, the really effective ones also have a checklist. First off – the problem. Lots of certificate exams are memory tests and […]

Read More

Threat Hunting – essential for every business

Threat Hunting - Do it right

Lots of articles, blog posts and webcasts talk about threat hunting. Despite this few, if any, organisations do it. This is a mistake. Security hit the headlines again recently, when Equifax admitted to a breach exposing around 143 million records of personal data. While details are still emerging, it looks like the attackers compromised an […]

Read More

UOC – Cybersecurity Conference 2017

UOC Cyber Security Conference 2017

Cybersecurity is big news with governments and businesses suffering at the hands of cyber attacks. As a result of this, the University of Chester (UoC) STEMs society is hosting a Cybersecurity Conference on the 28th March 2017. The primary aim is to raise awareness of Cybersecurity. In addition, it will provide an opportunity to build professional networks and encourage career […]

Read More

Dashboards vs Security – are they really helping?

Example Security Dashboards

Metrics, Dashboards and Security Like them or not, metrics are a fundamental part of every organisation. Security doesn’t get to a free pass. It is a rare CISO who doesn’t demand dashboards showing how all the security controls are performing. Therefore for most organisations, this is a fight long lost. This may not always be a […]

Read More

Security Incident Response Really Does Matter

Hacked? Time for incident response...

Incident response is one of those things you really hope you’ll never have to use, but know you will. Or at least you should know! Even with the best security, there will come a day when you are up to your eyes in chaos. Either a live security incident or, worse still, picking up the pieces […]

Read More

North Wales Cyber Security Cluster – April 2016 Meeting

Cyber Security Cluster - April 2016

The North Wales Cyber Security Cluster is meeting on 21 April at Solvings Ltd, in Mold, Flintshire. Solvings provide a great location and the cluster is a wonderful opportunity to learn about cyber security. Access to cluster meetings is free and everyone is welcome. No prior knowledge is needed. There really are no stupid questions! Clusters […]

Read More

Ransomware: Don’t panic – deal with it

Ransomware bites hard but good security controls are effective

Since Cryptolocker appeared in late 2013, it seems hardly a day can go by without some ransomware attack hitting the news. The variations all have entertaining names like Teslacrypt, Locky, PayCrypt (etc). The impact on the victims can be monumental. Tracking sites show new versions appearing several times a day – much faster than most […]

Read More

Cyber Essentials – Would it have saved Lincolnshire County Council?

Lincolnshire County Council - Hit by ransomware Jan 2016

Cyber Essentials is a UK Government driven scheme which is designed to help businesses of all size reduce the risk and impact from malware attacks. It is mandatory for those who provide services to the MOD. Cyber Essentials is becoming mandatory for those who provide services to any other government department – including local government […]

Read More

3 essential elements of any Infosec function

Infosec - its a team sport

As the news often shows, Information Security (infosec) is a big part of any organisation. From the small business with just a couple of computers to the global enterprise, infosec wraps around what you do, keeping you safe. Infosec is the function which keeps you servicing your customers. It protects your data. It ensures that […]

Read More

Incident Response – 5 key stakeholder groups

Incident Response - Your team cant function in a vacuum.

Incident response is a vital component of every organisations security. It provides the safety net for when the inevitable happens and other controls fail. A good incident response team will also have subject matter experts who can guide your entire organisation’s security strategy. If you take security even slightly seriously, you will have an incident […]

Read More

Halkyn Consulting – Site Redesign / Cyber Security Cluster

The new Halkyn Consulting Security Services website

As you may have noticed, the Halkyn Consulting website has undergone a redesign. This is aimed to improve our responsiveness on multiple platforms, allow us to expand our services without compromising readability and to help showcase our new activities. The new site is now fully live. If you have any comments or feedback we would […]

Read More

AV is not dead – it just has limits

AV is not dead, just understand what it can and cant do.

Antivirus (AV) has been around for decades now and this is both a good and bad thing. On one hand, AV is so well known most people already understand that they need to have it. But on the other, all the attackers know about it. This means the first step in pretty much every attack […]

Read More

Supplier Security – A lesson for T-Mobile

Supplier security problems result in this notice from the CEO of T-Mobile

Supplier security is something most organisations are at least aware of, and lots actually realise they need to do something about it. However, most of the time, “doing something” about it involves a quick chat with the supplier, possibly a generic check-list and a review that the contract at least mentions security. The problem is thinking […]

Read More