.png?width=55&height=41&name=conosco_icon_lightbg%20(1).png "conosco_icon_lightbg (1)"){kind=icon}
Pen testing with assurance: find it, fix it, prove it
A penetration test should offer more than just a report; it should provide actionable insights for improving security. While it's essential to obtain findings that identify vulnerabilities in web applications, cloud platforms, networks, mobile apps, Application Programming Interfaces (APIs), and int …
Conosco is named one of The Sunday Times Best Places to Work 2026
We’ve got some brilliant news to share. Conosco has been named one of The Sunday Times Best Places to Work 2026, recognised in the small organisation category. For a business heading towards its 25th year, this is a huge moment. Not because it looks good on a badge, although it definitely does, but …
Why we’re beginning our Assurix certification journey
Trust in technology providers has to mean more than a good relationship, a fast response time or a polished service review.
Penetration testing for first-timers: how to know if you need one
Most first Penetration Testing projects are bought for the wrong reason. A client asks for a certificate, cyber insurance tightens its wording, or a board member reads about an incident and wants reassurance by quarter-end. Penetration Testing is most effective when it is risk-driven and well-scoped …
Long read: what the BBC got right, and where leaders must push further
This long-form analysis responds to the BBC’s investigation, “The true cost of cyber attacks – and the business weak spots that allow them to happen,” examining the incidents that halted Jaguar Land Rover, disrupted Marks & Spencer and Co-op, and exposed the fragility of the UK’s critical supply …
When one portfolio company gets hacked, you all pay.
Portfolio companies don’t face a single cyber risk. They face a networked risk. A compromise at one portfolio company often exposes shared vendors, credentials, and processes that repeat across the rest of the fund. That’s aggregation. It’s why ransomware and supply-chain attacks scale so efficientl …
In-house security vs outsourced: who wins on ROI, and productivity
Security can be a powerful catalyst for productivity, not a burden to bear. The right operating model frees engineers to build, removes friction from change, and shortens recovery when something goes wrong. For most UK organisations outside the very largest enterprises, managed security delivers fas …
Security tools ≠ security strategy
Security investments are rising. So are breaches Across the industry, there is a widening disconnect between spend and security outcomes. New platforms are deployed, contracts are signed, and dashboards are configured. But threats keep evolving, incidents keep happening, and organisations are often …
We made 9 cybersecurity predictions for 2025 - how are we doing?
Back in January, we sketched nine forces we said would shape cybersecurity through 2025. Seven months of field data are in. Some calls landed almost on the nose, others misfired, and a few are still warming up. Below is the expanded scorecard on how our predictions are stacking up. For details on ho …
October Cybersecurity Awareness: How IT Leaders Can Prevent a Ransomware Attack in 2024
Ransomware has evolved from a technical concern to a pervasive threat that requires a collective response from all levels of an organisation. From executives redefining priorities to employees being vigilant about online activities, cybersecurity is a shared responsibility. With ransomware ranking i …
.png?width=220&height=165&name=image%20(4).png)
