i-confidential
2020 - Our Year in Review

By Chris Harragan, Security Analyst at i-confidential
In 2020, we made a conscious effort, as a company, to share more of our knowledge, experience, and thoughts online. We were more active on LinkedIn and wrote articles that we thought might be interesting and helpful.
If you would like to follow our company page on LinkedIn you’ll find us here, and if you have any comments, feedback, or ideas, we’d love to hear them.
If you haven’t had a chance to read any of our published articles from last year, what follows is a summary, with links if you want to delve deeper.
Planning to Succeed
Prioritising security decisions was particularly timely earlier last year. We outlined our approach to building a security improvement programme, and offered free advice and support to anyone wrestling with this during the pandemic (and we still are):
Making Difficult Security Prioritisation Decisions
It’s important for those of us working in cyber security to not get stuck in our own little bubble. Transparency, wherever possible, is better for everyone and helps get things done:
We've talked about prioritising security decisions, and there are also some wider questions to consider regarding how much to invest:
Investing in Cyber Security – How Much Is Enough?
Getting anything meaningful done in an organisation requires senior stakeholder support. Here, we outlined how to take the board with you on the cyber security journey:
Are You Taking the C-suite and Board with You?
We then delved into this roadmap in a bit more detail:
Key Considerations on Your Cyber Security Journey
In cyber security, we all know about managing known risks. But what about the ‘Black Swan’ event? How do we mitigate something we don’t see coming?
“It Will Never Happen” – Are We Prepared for It to Happen?
Effective Security
At the outbreak of the coronavirus, cyber criminals took advantage with phishing emails. The advice given in this article, however, is timeless:
Coronavirus Phishing Scams: Malware as Infectious as the Virus Itself
We often talk about access recertification. It is a service we have successfully delivered to many organisations. Unlike others, we don’t rely on software, but rather offer a more process-led approach as discussed here:
Access Recertification - We’ve Got It Covered
Cloud computing is growing year on year. We all want to take advantage of it, but need to consider the associated risks. We outlined a few of the major problems and their solutions:
Some Essential Steps to Securing the Cloud
Third parties with access to an organisation’s data pose a hidden threat. Profiling provides an understanding of which suppliers carry a greater risk:
Why You Need to Profile Your Third-Party Suppliers
Measurement of any activity is vital to ensuring it stays on track. Using the right measures to manage your cyber security is something we are passionate about:
Measurement Is the Key to Effective Management
Cultural Challenges
Remote working has been on the rise for years, but 2020 put it into overdrive. We considered its impact on company culture:
How Do We Preserve Our Culture from Afar?
One of the many things we’ve missed while working remotely is the clichéd, but always valuable, ‘water cooler’ chat. This is something we’re trying to address by getting a bit more creative, such as having virtual coffee meetups:
After the initial excitement of Zoom quizzes waned, we realised we needed more ideas to keep everyone enthused. We’ve now started some fitness challenges. Any other ideas are welcome:
And that’s a round-up.
Is there anything you would like us to explore in the coming months?
Please let us know, and we hope 2021 is a much better year for everyone!