Capita receives £14M fine from UK ICO for "failing to ensure the security of personal data" (TL/DR Summary) - Capita plc has been fined £8m and Capita Pension Solutions has been fined £6m f... Capita receives £14M fine from UK ICO for "failing to ensure the security of personal data" (TL/DR Summary) - Capita plc has been fined £8m and Capita Pension Solutions has been fined £6m following a...

Capita fined £14m by U.K. ICO for cyber attack and data breach. Here is the TL/DR summary of the ICO report with some pretty powerful quotes from the Information Commissioner.

www.linkedin.com/posts/lisa-f...

How has GenAI / LLM's changed the cyber crime and fraud landscape? (TL/DR version). Here are some of the key developments that have been seen in 2025! I will keep this to a short, digestible… | ... How has GenAI / LLM's changed the cyber crime and fraud landscape? (TL/DR version). Here are some of the key developments that have been seen in 2025! I will keep this to a short, digestible summary...

AI / LLM issues v278.0 🤣Feel free to add to them!

www.linkedin.com/posts/lisa-f...

Resilience requires redundancy! Incoming caving reference 😂 Solo caving - something I’ve come to enjoy (I never thought I would) but I love the adventure. Redundacy is important in climbing… | Lisa ... Resilience requires redundancy! Incoming caving reference 😂 Solo caving - something I’ve come to enjoy (I never thought I would) but I love the adventure. Redundacy is important in climbing, diving ...

A fuller explanation of solo caving prep and why you need invest in redundancy (in cyber too)

www.linkedin.com/posts/lisa-f...

Tire giant Bridgestone confirms cyberattack impacts manufacturing Car tire giant Bridgestone confirms it is investigating a cyberattack that impacts the operation of some manufacturing facilities in North America.

Tire giant Bridgestone confirms cyberattack impacts manufacturing

via @bleepingcomputer.com

According to the BBC a watchdog has warned that the UK Government is unable to calculate the cost of the Afghan data breach. The MOD did come up with a figure but National Audit Office (NAO) has… | ... According to the BBC a watchdog has warned that the UK Government is unable to calculate the cost of the Afghan data breach. The MOD did come up with a figure but National Audit Office (NAO) has sai...

The uk gov has been criticised for not being able to quantify the cost of the afghan data breach. So how hard is this? What factors do we need to consider and what are the difficulties?

www.linkedin.com/posts/lisa-f...

Why do you need to care about cyber resilience in the global south? | Lisa Forte Why do you need to care about cyber resilience in the global south? I was reading a case study the World Bank put out a while ago about their amazing success in increasing the cyber resilience and d...

Why increasing cyber resilience in the global south should concern us all …

www.linkedin.com/posts/lisa-f...

"Notify early. | Lisa Forte "Notify early. Stand down later" In my experience this is the best strategy to employ during an incident when you are considering your Gold or Silver teams. One of the fatal flaws I regularly see ...

“Notify early, stand down later” - if it’s good enough for cave rescue it is good enough for your crisis plans! 🫡 why I think this is the best strategy in an incident!

www.linkedin.com/posts/lisa-f...

The Rise of Scattered Spider: What Every Organisation Needs to Know Discover who Scattered Spider are, how they breach major enterprises, and the key steps your organisation can take to defend against their evolving tactics.

My latest blog looking at Scattered Spider from the perspective of how to best prepare your organisation for one of their style of attacks.

Moving fast on key decisions has shown to be vitally important!

Hope you find it useful.

red-goat.com/scattered-sp...

Playing around with Google’s Flow and suite of AI tools including Gemini and Veo3. It made the most amazing and hilarious trailer for cyber war! 😂😂 I LOVE it! Wait till you see the ending 😜🫡

Pirates and Ransomware groups...... | Lisa Forte Pirates and Ransomware groups...... I started my career in security working in counter piracy operations around the Gulf of Aden. I have been preparing a talk focusing on the stories and experience...

Pirates and ransomware groups - what we should learn from counter piracy operations. Sound familiar?

www.linkedin.com/posts/lisa-f...

BBC Radio 4 - The Bottom Line, Cyber Attack: On The Front Line Of A Hack What really happens when cyber criminals hold a business to ransom?

Really enjoyed being a part of this show on the BBC with @evanhd.bsky.social all about the realities of a cyber attack and how you can and should be preparing for an incident! www.bbc.co.uk/programmes/m... Hope you enjoy it!

If your organisation wants help developing your cyber crisis preparedness, testing what you have with immersive exercises or building specific playbooks, get in touch. Building operational resilience is so crucial.

Money 20/20 is a fantastic event! The stages are beautiful, vibe is friendly, content is fantastic.

I was on a panel yesterday on security, privacy and digital identity wallets.

Grateful to Visa team for the invite to their evening drinks too ❤️ so much fun.

I want to come back every year! 😍

Anthropic's new AI model turns to blackmail when engineers try to take it offline | TechCrunch Anthropic says its Claude Opus 4 model frequently tries to blackmail software engineers when they try to take it offline.

The article doesn't really address the fact that Claude is only mimicking behaviors in its training data set.

Still, it's a great highlight of how quickly dystopian fiction in a training data set can become dystopian reality when AI agents are given too much access.
techcrunch.com/2025/05/22/a...

The BBC documentary I was in on the retail cyber attack is now out on iplayer!! It was great to see @j4vv4d.com on there too!

It’s a good documentary and should be a salient reminder to all businesses it can happen to anyone so prepare now!

www.bbc.co.uk/iplayer/epis...

Inside the High Street Cyber-Attacks Who hacked M&S and Co-op? We go inside the cyber-attacks that shook the British high street and ask how flaws in digital defences were exposed.

Here she is, the lovely @lisaforte.bsky.social from @redgoatcyber.bsky.social on a @BBCNews report called "Inside The High Street's Cyber Attacks" 😁😁

I just did an interview on this very topic with @natschooler.bsky.social 🥰🥰

Watch it on @BBCiPlayer now ⬇️⬇️ xx

www.bbc.co.uk/iplayer/epis...

The Legal Aid hack has two components 1) the data theft which if is as stated includes incredibly sensitive data and 2) the fact their services were pulled offline (presumably to contain the threat)

They state they have contingencies in place to continue to provide services.

I had an unbelievable time in Dubrovnik! 😊 The event was so much fun… | Lisa Forte I had an unbelievable time in Dubrovnik! 😊 The event was so much fun and some really great discussions about ransomware (and I went back to my piracy roots having dinner on a boat resembling an old ...

Croatia you were fantastic ❤️ Great event!

www.linkedin.com/posts/lisa-f...

Filming today for a bbc documentary covering the uk retail attacks.

😊🫡

DOGE software engineer’s computer infected by info-stealing malware The presence of credentials in leaked “stealer logs” indicates his device was infected.

Most predictable thing ever happened.

arstechnica.com/security/202...

Not red. Not even orange.

Co-op hackers stole 'significant' amount of customer data | Lisa Forte Update on Co-op attack. TL/DR: Ransomware group DragonForce claim to be behind the attack. Members DB breached by attackers. “The Co-op membership database is thought to be highly valuable to the ...

TL/DR on the co-op attack

www.linkedin.com/posts/lisa-f...

Off to run a technical exercise for a client’s silver team today. I always enjoy doing these especially when you have a client who has worked with you to make something realistic but really challenging for the team (and the weather is gorgeous) 🥳

Our 3rd episode is out now! @sarahasmith.bsky.social and I talk to our next guest on intelligence gathering, election interference and what privacy price we are all paying! youtu.be/0iyF6lVKTqI?... @cybersisters.bsky.social

💡 To recover or rebuild - that is the question 💡 This is a difficult… | Lisa Forte 💡 To recover or rebuild - that is the question 💡 This is a difficult but important thing to consider when preparing for a cyber incident. Do I want to pursue recovery or rebuild from scratch? Rebui...

Picking whether to recover or rebuild (and a doggo) www.linkedin.com/posts/lisa-f...

And in my experience of cyber crisis management- the one thing people always forget to have any redundancy for is……..

…….. Email! Yep, and then they can’t communicate or waste hours and hours trying to set up another mode of communication

The importance of redundancy explained from an abandoned sulphur mine. Because why not. 😂😂😂

We talk a lot about ransomware, but what about preparing for the other threats? We have put together a guide to help you start thinking and exercising 5 - insider sabotage, supply chain attack, LLM breach, deepfakes and hacktivism. It’s free to D/L and use ❤️ red-goat.com/from-deepfak...

How Oracle took a security breach claim and made it worse Opinion: Fallout shows how what you say must be central to disaster planning

Interesting opinion piece in El Reg on the ongoing Oracle data breach debacle: "All things considered, Oracle's response might go down as one of the all-time lows in the genre." www.theregister.com/2025/04/02/o...