2T Security Cyber Security Insights
News and learnings from our team of cyber experts
Starting a new placement can be daunting, but my first two weeks at 2T Security have been nothing short of inspiring. My CyberFirst summer placement has been a perfect mix of learning and real-world impact; I’ve been welcomed into a supportive team and trusted with meaningful, technically rewarding cyber security projects from day one.
CAF 4.0 has arrived, bringing major updates to the UK’s Cyber Assessment Framework. Compared to version 3.2, it introduces new contributing outcomes, over 100 new Indicators of Good Practice, and significant restructuring, especially in Objective C (cybersecurity monitoring and threat hunting). While many changes are minor or clarifications, around 60 require closer review, meaning organisations transitioning from CAF 3.2 will need to reassess key areas. Our blog breaks down where to focus your efforts when updating your assessment process.
Twenty-five years after the ILOVEYOU virus (aka Love Bug) paralysed inboxes worldwide, we're reflecting on what’s changed, and what hasn't. From air-gapped OT networks to hybrid cloud vulnerabilities, this blog connects the dots across decades of cyber threats, hard-won lessons, and why “secure by design” matters more than ever.
If you’ve ever battled with legacy vendors, cloudy risk registers, or ICS design headaches, this one’s for you.
For over a decade, 2T Security has been helping Critical National Infrastructure operators strengthen their defences by uncovering hidden cyber-risks in Operational Technology environments. Through focused, two-day workshops based on the NCSC’s Cyber Assessment Framework, our experts partner with your team to map IT-OT interconnections, expose legacy vulnerabilities, and deliver prioritised recommendations—rapidly improving resilience where it matters most.
In a market dominated by big consultancies and cookie-cutter solutions, 2T Security stands apart as the original British independent cyber security consultancy. Founded in 2013 by two of the UK’s leading experts, we focus on delivering honest, pragmatic advice—driven by core security principles and an unwavering commitment to independence. Discover how we continue to protect what matters most by asking the questions others won’t.
In an era flooded with sophisticated cyber security tools and vendor alliances, true independence can make all the difference. Free from investor pressures and exclusive product partnerships, an independent cyber security consultancy prioritises your unique needs—offering unbiased advice, transparent guidance, and ethical assurance. Discover why embracing independence is essential for navigating global supply chains, geopolitical complexities, and, ultimately, securing your organisation’s future.
Celebrate the CyberFirst Girls Awards, where 2T Security sponsors East Midlands winners, empowering young women in cyber this International Women’s Day.
Discover how our DevSec Hackathon brought together developers and security architects to automate infrastructure testing. By creating 30+ automated tests, we're ensuring our reference environment remains secure after every reinstall.
Thanks to the CyberFirst Bursary program, I secured a summer placement at 2T Security. On my first day, the team outlined what I’d be learning and doing during the placement, and I’ll admit—I felt a bit overwhelmed and nervous about taking it all in.
Read about Taran's experience of a summer placement at 2T Security, learning about risk management, the Cyber Assessment Framework (CAF), security monitoring and security architecture.