Information Security Awareness
Stephen Brownlow (IT Coordinator for Washington Metalworks) said that his attendance at the workshop encouraged him to “to raise awareness in the company of threats within the business and to take preventative measures, instead of being reactive to problems as they arise.”
Digital Forensic Investigation
A team from the Nigerian Economic and Financial Crimes Commission (EFCC) attended a 12-day training course in digital forensic investigation. This provided a mix of skills development and instilled a greater understanding of policies and procedures, in this case the development of best-practice digital forensics investigatory policies and procedures. Hadyzai Junaidu (Nigerian Economic and Financial Crimes Commission) indicated that they “really enjoyed the whole experience, but the best part of the programme has been the practical workshops; after all, we came over here to learn practical skills that we can take back and will help us to do our jobs better.”
Device and Network Security
ENISA (European Network & Information Security Agency) commissioned us to write a case study based on device and network security for its 2011 report on Emerging and Future Risks. Louis Marinos (Senior Risk Management, ENISA) said the case study was “key” to the successful completion of the report and its wide readership and that it “helped in the assessment of related risks.” This report forms a major part of the latest EU Cyber Security Directive’s backbone: Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace (ec.europa.eu/digital-agenda). The Government Department for Business, Innovation, and Skills, as well as national bodies such as the British Computer Society have also commissioned reports on cyber security and good practice from Signacure.
In 2011 a client was able to improve the security on their newly released VPN Client application following advice from Signacure; “very grateful for all your hard work on identifying the security issues” (Saul Howells, Bede Communications – a new tech start-up, requiring testing of their product before being released to production, 2011).
Trusted Reporting Service
Through its Trusted Reporting Service, Signacure was able to assist a client with dealing with malicious software that exploited an unpatched vulnerability in the Microsoft Windows operating system. After the exploit was dealt with, the incident was written up as an anonymised training case and shared with all the Signacure subscribers. That particular workshop resulted in one of the members calling requesting assistance with a security incident, which in turn led to Signacure providing further guidance to SMEs in Ireland and Gibraltar. “It was very refreshing to work with the Signacure. Their enthusiasm, passion, ethics and most importantly expertise is second-to-none. (Ian Brown Principal Business Consultant Excelpoint Limited, 2012).