2T SECURITY
Callback

Cyber Security News and Insights

Category: Risk Management

So, what is a Cyber Risk Review?

For over a decade, 2T Security has been helping Critical National Infrastructure operators strengthen their defences by uncovering hidden cyber-risks in Operational Technology environments. Through focused, two-day workshops based on the NCSC’s Cyber Assessment Framework, our experts partner with your team to map IT-OT interconnections, expose legacy vulnerabilities, and deliver prioritised recommendations—rapidly improving resilience where it matters most.
Read More

My CyberFirst Summer Work Placement at 2T Security.

Read about Taran's experience of a summer placement at 2T Security, learning about risk management, the Cyber Assessment Framework (CAF), security monitoring and security architecture.
Read More
laptop screen showing a risktree diagram, within a red warning triangle

RiskTree: new and improved

We are delighted to launch a new and improved version of RiskTree. Read more to learn about the new features that have been added. Visit our RiskTree pages to learn more about RiskTree and how it can help you assess and prioritise your organisation's risks.
Read More

Escalating Threats to Critical National Infrastructure

Why are bad actors targeting CNI? Which sectors are most at risk? And what can be done to offer better protection?
Read More

How we made the GovAssure profiles

In this article, we discuss the approach to creating GovAssure profiles. We didn’t want to assume that government could use the existing CAF baseline profile based on a different threat profile to the private sector. Read more about how we ensured that the chosen profile reflected the threats faced by government.
Read More
using the CAF in practice

Using the Cyber Assessment Framework (CAF) in practice

A brief guide to using the Cyber Assessment Framework (CAF) in practice. If you’ve read our earlier blogs about the Cyber Assessment Framework (CAF), you'll know that it isn’t intended to be a checklist - find out more about outcome level dependencies and chord diagrams...
Read More
THE 5 'W's of the CAF

The Five W’s of CAF

If you want to know more about the Cyber Assessment Framework you've come to the right place. In this article, we'll explain the what, why, who, where and when of the CAF!
Read More

Pass (on) the PIGs

Probability/impact graphs have been used for a long time to assess risk, especially in spreadsheet-based risk registers. They give a misleading impression of risk levels though and hence organisations should be using alternative, and better approaches.
Read More
Tony Badsey-Ellis receiving his chartered cyber security professional certificate

2T SECURITY AMONG INDUSTRY’S FIRST CHARTERED CYBER SECURITY PROFESSIONALS

The UK Cyber Security Council ushered in the UK's first cohort of chartered cyber security practitioners this October. This followed the launch of its first pilot schemes last year, with an awards ceremony taking place in London. Tony Badsey-Ellis and Tony Beadle from 2T Security were among the first 40 to gain chartered status.
Read More

Understanding Intrinsic, Residual and Target Risks

When you start using RiskTree, a powerful risk assessment tool, it's important to grasp the nuances of different risk types: intrinsic, residual, and target. These terms sometimes spark confusion, as their meanings aren't always universally clear. Let's demystify these concepts for a clearer understanding.
Read More
Load More Insights
News Categories:
News Categories:
Archives
Archives
Uncategorised (4)
2T Security (20)
Risk Management (16)
RiskTree (10)
Security Monitoring (7)
Risk Analysis (14)
Risk Reporting (6)
AWS (1)
Careers (9)
CAF (6)
GovAssure (4)
CNI (3)
Security Architecture (3)
CyberFirst (2)
Partners (1)