.png?width=55&height=41&name=conosco_icon_lightbg%20(1).png "conosco_icon_lightbg (1)"){kind=icon}
Deepfakes, voice clones, and AI-written lures
European Cybersecurity Month highlights social engineering for good reason. Attacks now target people more than code. Even a cloned voice or a routine approval process can lead to failures, despite having good controls in place. These issues can be avoided only if leadership recognises social engine …
Your supply chain just got stronger
Cyber Essentials Renewed Conosco has renewed Cyber Essentials Plus for another year, with the new certificate issued this October. The assessment confirms that core controls are in place, operating correctly, and applied to real devices across the environment that underpins client services. That inc …
How social engineering actually breaks a business
European Cybersecurity Month highlights social engineering for good reason. Attacks now target people more than code. Even a cloned voice or a routine approval process can lead to failures, despite having good controls in place. These issues can be avoided only if leadership recognises social engine …
Windows 10 end of support: what actually happens on 14 October 2025
Windows 10 support ends on Tuesday, 14 October 2025. That switch does not power off devices; it changes the risk. Security updates for Windows 10 stop, which means exploits widen, and insurers, auditors, and procurement officers will ask more complex questions. Microsoft is clear about what ends, an …
Penetration testing for first-timers: how to know if you need one
Most first Penetration Testing projects are bought for the wrong reason. A client asks for a certificate, cyber insurance tightens its wording, or a board member reads about an incident and wants reassurance by quarter-end. Penetration Testing is most effective when it is risk-driven and well-scoped …
Long read: what the BBC got right, and where leaders must push further
This long-form analysis responds to the BBC’s investigation, “The true cost of cyber attacks – and the business weak spots that allow them to happen,” examining the incidents that halted Jaguar Land Rover, disrupted Marks & Spencer and Co-op, and exposed the fragility of the UK’s critical supply …
When one portfolio company gets hacked, you all pay.
Portfolio companies don’t face a single cyber risk. They face a networked risk. A compromise at one portfolio company often exposes shared vendors, credentials, and processes that repeat across the rest of the fund. That’s aggregation. It’s why ransomware and supply-chain attacks scale so efficientl …
In-house security vs outsourced: who wins on ROI, and productivity
Security can be a powerful catalyst for productivity, not a burden to bear. The right operating model frees engineers to build, removes friction from change, and shortens recovery when something goes wrong. For most UK organisations outside the very largest enterprises, managed security delivers fas …
Conosco joins Mimecast's Security Researcher Wall of Fame
Conosco has been added to Mimecast's Security Researcher Wall of Fame, recognising responsible disclosure efforts led by Martin Hodgson, Consultant at Conosco. The accolade reflects disciplined security work carried out within a broader programme to strengthen email authentication across suppliers a …
Security tools ≠ security strategy
Security investments are rising. So are breaches Across the industry, there is a widening disconnect between spend and security outcomes. New platforms are deployed, contracts are signed, and dashboards are configured. But threats keep evolving, incidents keep happening, and organisations are often …
We made 9 cybersecurity predictions for 2025 - how are we doing?
Back in January, we sketched nine forces we said would shape cybersecurity through 2025. Seven months of field data are in. Some calls landed almost on the nose, others misfired, and a few are still warming up. Below is the expanded scorecard on how our predictions are stacking up. For details on ho …
Switching MSPs: What you need to know
Changing Managed Service Providers (MSPs) represents a pivotal decision for mid-sized enterprises in the UK. This choice often stems from a desire for improved IT support, enhanced cybersecurity measures, cost efficiency, or better alignment with business goals and technology strategies. The transit …