Cyber Essentials latest

by Mark Rowe

Cyber Essentials version 3.3 has come into effect. The latest update to the UK standard sees multi-factor authentication (MFA) becoming a pass-or-fail requirement.

To introduce Cyber Essentials briefly: drawn up by the UK's official NCSC (National Cyber Security Centre), it covers the minimum basics of cyber security and hygiene as recommended by the UK Government.

Comments

Dominic Carroll, Director Portfolio, e2e-assure, welcomed the annual updates to the Cyber Essentials marking criteria. He said: “This year’s change to make MFA a mandatory requirement to pass is long overdue. This won’t impact most organisations that are taking their cyber security seriously, as this has been basic practice for some time. But for those who are lagging behind, these are the kinds of basics we need to ensure are in place across the board.
“Additionally, increasing the focus on the timely installation of high-risk or critical security updates and vulnerability fixes is great to see. However, I still feel that 14 days is too long a window for high-risk critical security updates. The speed at which threat actors can move and deploy attacks with the assistance of AI is accelerating at an unprecedented rate, and a 2-week risk period is too long, especially for businesses critical to CNI supply chains.”

And Niall McConachie, regional director (UK and Ireland) at Yubico, said: “The reality is that AI tools are outpacing traditional corporate defences. Research from Yubico reveals that while 70 percent of employees believe AI has made phishing more successful, an eye-opening 62 percent of organisations still rely primarily on username and password credentials. The use of this outdated authentication method persists despite its well-known vulnerabilities, which have become even more apparent in the age of AI. At a time when AI can craft flawless emails, the ‘human firewall’ is crumbling, and traditional credentials like passwords and SMS-based one-time passwords (OTPs) are no longer enough to protect sensitive company and employee data.

“Because these automated tools target all employees and businesses, every unsecured entry point becomes a target. By failing to implement MFA, organisations are leaving the front door wide open for cyber criminals. Nevertheless, while any form of MFA is better than a password, not all forms of MFA are created equal. Legacy MFA approaches, such as SMS-based one-time passcodes (OTP) and mobile authenticator apps, are broken, with malicious actors repeatedly proving that these are easily bypassed via phishing attacks.

“The NCSC has used this update as an opportunity to name passkeys as the preferred authentication approach moving forwards. For businesses to ensure they are prepared for this, they should deploy hardware-backed passkeys, like security keys, across their infrastructure.

“These physical security keys are totally resistant to phishing attempts and can’t be intercepted or stolen by remote attackers, meaning only the key holder can gain access to their accounts. By using the highest-assurance authentication method that a security key provides, individuals can make sure their data is fully protected and not at risk of being accessed by cyber criminals.”
