Dan Aspin’s Post

This should be interesting. DM me if you’d like to reserve a space.

Absolutely magnificent effort from these guys.

For all those managers in the England branch of the UK, with football loving staff (yes that’s about 99% of you) My message is simple. ‘It is now officially time to announce the end of the day so that they can get home, get the kettle on, beer cracked open etc etc and nervously sit through another 2 hours of torture that only England know how to deliver. Cmon the lads!!!

Big news! Bulletproof are joining The GRC Group. This is a super exciting time for all of us, and I'm so proud of the hard work from all my colleagues in Bulletproof that got us here. Bulletproof will still be the same awesome teams delivering our services – just now with a ton of new possibilities for the future. Can't wait to see what we achieve together! See our full press release here https://lnkd.in/eeaHiHTy

I watched snippets of Roger Federer’s commencement speech at Dartmouth and one thing he said really resonated with me. During his career, he won almost 80% of the matches he played. However, breaking those stats down further he revealed that he only won 54% of the points. This highlighted to me three key things: - He is very detail-orientated. - He excels under pressure. - These stats can be applied across any industry. Reflecting on this in the realm of Cyber Security, it's akin to vendors promoting their solutions claiming to stop 99.9% of attacks, much like bleach or hand wash. The moral of the story for me is this: perfection is unattainable, even for greats like Roger Federer but winning the small, key battles is what differentiates you from a journeyman pro to an all time great. Think about that when deciding on a cyber partner. Do you want/need a partner that shouts loudest or one that quietly has your back in the key moments. If you like your cyber suppliers with a little less of the macho ego and a little more of the realism, then get in touch. It’d be great to hear from you.

I’m from Leeds, and anyone that’s from around the area will be familiar with the pretty regular taking off of aircraft from our beloved LBA airport. I’m so used to looking up at the sky and seeing the Silver and Red of Jet2 and the Blue and White of Ryanair that I almost forgot other aircraft carriers exist. This changed when I was stood outside my hotel in Stevenage the other day (there for a trip to the office, not Infosec) I saw planes from EasyJet, BA and others…. This got me thinking about cyber (I’m not sure why) and how, there are dozens of aircraft flying out of the various airports in the UK, a lot of them to the same destinations around the world. we have the same thing in cyber security. A lot of companies offering very similar services at very similar prices and the only difference, like the aircraft, are the logos. So, if you’re fed up of sitting in the same metaphorical plane seat, eating the same, again metaphorical, micro-nuked plane food then drop me a line. Perhaps you might just find the seats that bit comfier and the staff that bit friendlier. #pentesting #cybersecurity #iso27001 #GDPR #MDR

Joshua is an absolute inspiration. Anyone who has a few minutes spare, I urge you to read his journey and vote for him in the positive role model award category.

There’s a lot to consider when looking at cyber accreditation for your organisation. I think it’s dependant on a few criteria,   How mature you are, the industry you’re competing in, size of your organisation are just a few but here's a few pros and cons we preach at Bulletproof that I’m hoping could be of use to anyone whose currently torn about which avenue to explore Cyber Essentials & Cyber Essentials Plus: Pro: Sets a foundation for cybersecurity best practices, fortifying defences against prevalent cyber threats and usually cheaper to obtain than the others. Con: While Cyber Essentials is fundamental, Cyber Essentials Plus might require substantial staffing resources for achievement and maintenance. ISO 27001: Pro: Guarantees thorough auditing and compliance with global standards, boosting credibility and trust. Con: Demands significant time and resources for preparation and upkeep. SOC 2: (Not an accreditation strictly speaking) Pro: Crucial for service-focused enterprises to showcase their data-handling integrity. Con: Implementation and maintenance can be intricate, especially for smaller ventures with limited resources. #CyberEssentials #ISO27001 #SOC2 #CyberSecurity #CyberAccreditation

I’ve been reading a lot of posts, an awful lot in fact….. A lot of these are from overworked and overstressed senior IT and Cyber staff who are reaching the end of their tether with the amount of cold outreach they’re receiving from salespeople both on LI and via phone/email. I can’t stop that, well at least not all of it. However, that been said, I am here to offer a simple little hack for LinkedIn that should weed out the chancer salespeople from the person who might have something of value for you. The solution is thus, Simply put a sentence somewhere in your profile (I’d suggest around 3/4 of the way down) that confirms that all DM’s/Inmails will be instantly deleted unless a certain word is used (I like Kumquat) as the 1st line of that person’s message. Most of the chancers will be blind messaging you, will have done 0 research on either you as an individual or the business that you serve. If they can’t do that, it’s only fair you don’t spend 30 seconds reading their pitch, easy to spot and block through the message preview so not much time spent. If, however, you see a few with ‘Kumquat’ as the subject line or 1st word of the message, there is a better chance they’ve at least read your profile and might understand a little more about you and your business and the pitch might be at least semi personalised. I rarely beg or ask for likes/comments/reshares but this post is offering a useful workaround to an escalating problem so please do share, comment, repost til your hearts content. #sales #outreach #coldcalling #spam