Celebrating Sentrium’s contribution to cyber security

19th May 2021

2020 is the year that remote working exploded. Businesses and the general public had to quickly adapt to new ways of working caused by the pandemic. There was suddenly a heightened awareness of cyber security and its importance.

The need for further education on cyber security highlights the important work Sentrium carries out every day. Sentrium’s commitment and passion for providing best-practice cyber security support helps businesses to gain assurance in the security of their assets.

In a conversation with Sentrium’s Director, Adam King, we discuss the incredible ways Sentrium is contributing to the education and awareness of the cyber security industry.

 

Background in cyber security

I’ve had a deep interest in technology from a young age. I spent much of my own time learning about technology so I knew I wanted to explore a more challenging area that sparked my interest.

“I found it really cool to hack stuff and get paid for it.”

I met someone studying a degree in cyber security and we got talking about the industry and the penetration testing specialism specifically. I applied for a degree in cyber security and my career took off from there.

 

Most common cyber security challenges

Challenges are very mixed. Some clients understand security while others need more guidance.

Clients may have an internal IT or security professional who has an interest in the topic, and resources from the company to make headway in understanding their challenges.

“I often talk to clients about their principal security concerns, which is my fancy word for objectives.”

For clients with security experience that know exactly what they want, we can go straight into understanding their objectives, providing a detailed scoping process and the services that achieve them.

For clients that need more guidance, we take a more holistic approach rather than going deep into a specific part of their IT ecosystem. We discuss their current situation and find the best way to offer a service that carries value.

 

Reasons for needing professional services

There’s a whole host of reasons why businesses would need cyber security services:

  1. Genuine interest
    There’s often a genuine interest in IT departments who also have the budget to spend on improving their cyber security, especially where there’s a senior management influence wanting to invest in the area.
  2. Regulatory and compliance
    A lot of the time it’s regulatory and compliance-driven, such as ISO 27001, where there may be a requirement to do an annual testing programme for the business to remain compliant.
  3. Product-focused
    It may be product-focused where companies release new software and need to demonstrate to their customers that the software is secure.

“The client saw real value in our recommendations.”

A client recently came to us looking for assurance for one of their products. We went through our comprehensive scoping process to understand their assets and where we can provide support.

We were able to clearly demonstrate our understanding of their long-term goals and deliver value where it matters the most.

 

Improving education and awareness

Cyber security is a complex topic, even for clients with an understanding of security and the reasons for needing it.

Our responsibility as a cyber security consultancy is to articulate and communicate our findings and advice in a way that our clients understand and draw value from.

Internally, we dedicate a lot of time and have a passion for knowledge sharing. This helps us stay on top of a constantly changing industry and continue growing.

There are no blanket best practices we recommend to businesses. Cyber security is complex and there are different reasons for wanting to invest in security. Challenges are unique and driven by the specific circumstances that each client finds themselves in.

“You can only make effective recommendations about cyber security when you have a solid understanding of the problems you are trying to solve. To do this, you need to know the client really well.” 

 

Supporting charities with cyber security skills

Cyber security is expensive and time-consuming. It also requires an understanding from the company to know where to invest resources.

Charities are bound to invest resources in the best way they can to deliver maximum operational efficiency. Cyber security is an area charities aren’t always able to invest their resources in.

“We’ve always had a passion to support charities and give back in some way.” 

Giving back by donating a lump sum of money wasn’t the approach we wanted to take. We felt we could add more value by donating our time, skills and expertise to an industry that needs the resources. 

 

Progress in the cyber security industry so far

The industry has come an incredibly long way since I started my career. The general public understanding of security has dramatically increased and it now filters into organisations at all levels.

The landscape of IT security is also growing. There are so many new products, services and specialisms within the industry as a result of the heightened awareness.

“Regulatory updates like GDPR have changed the reasons why businesses care about security.” 

Privacy plays a role in this understanding. There are currently debates regarding people’s right to privacy online, specifically with social media, which are all related to security and keep the industry a hot topic.

It has driven a lot more investment into cyber security to protect businesses from data breaches and the impact they have on an organisation as awareness increases.

 

Future of the industry in 2021

Businesses are relying more on remote working whether it’s full-time or part-time. There are security considerations needed to facilitate remote working.

Some businesses have done this reactively. They have implemented remote working solutions over the last 12 months to keep the business functioning. Now that the operational need for these working solutions has been achieved, they are considering the cyber security impact of the changes that were made.

Businesses now want to act proactively. They’re looking to implement remote working solutions for the long term by ensuring they follow cyber security best practices.

“There are cyber security best practices that are difficult to follow working from home.” 

Good habits like locking your computer screen when you’re away from your desk might have lapsed when working from home. It’s important to rebuild these habits going back into the office.

Sentrium’s best practice support continues to contribute to the betterment of the cyber security industry. The team’s commitment to improving education and awareness provides value to businesses where it matters the most.
