Tried, Tested and Proven

IT security


Portcullis regularly gets contacted by organisations seeking help with regards to cyber attacks. Motivation varies, with some taking a proactive stance against a perceived threat, others may have been warned of imminent threats to their organisation and some may consider themselves to be under attack. Are traditional security measures capable of handling many cyber attacks?What constitutes a ‘cyber attack’ varies, and I’m not going to try to define it here (nor do I much like the term), but at Portcullis we are exposed to client’s challenges relating to; state sponsored espionage, hacktivism, criminal gangs, malware, SCADA, DDoS, etc. My role in Portcullis sees me working with clients to design and manage our response to the client’s requirements in this space.

Some organisations demonstrate a good security posture and the route to meeting their security goals is comparatively straight forward. However, we find that good number of organisations demonstrate poor security posture; for whatever reason, they have managed to survive with security someway-off good practice. We encounter cultural issues, where security is a low priority, poor patching, no segregation, lack of assurance, poor monitoring, unsupported legacy systems and more. Continue reading

Once again, this October, Portcullis will be attending the e-Discovery and e-Investigations 2013 event in London.
Portcullis comes to e-Discovery (e-Disclosure) from a forensic background and with real technical expertise.e-Discovery and e-Investigations

Our security professionals within the fields of e-Discovery and Digital Forensics will be on our stand to offer advice and consult with delegates from across the full range of industry sectors.

Key themes for 2013

  • Creating an enterprise-wide records management policy to ensure preparedness for
    e-Discovery requests.
  • Meeting e-Investigations and litigation data requests in an efficient and cost-effective manner.
  • Mitigating e-Discovery risks associated with a changing technology landscape.
  • Ensuring compliance with statutory, legal, and jurisdictional requirements.

Continue reading


Passwords will remain a recurring topic in IT security, whether we like them or not, they are a key control and one which shows no signs of being replaced. The key issue with passwords is the people who set them, the individual! We all know that most users put little effort into setting them and sadly they also put little thought into the implications of systems they are used on being compromised. As can be seen from the spate of recent high profile password leaks. Continue reading