Research & Papers

The AI Act - Whitepaper

22 April 2024

This white paper explores the contrasting regulatory frameworks for artificial intelligence (AI) in the European Union and the United Kingdom. It aims to illuminate their implications for AI system creators and provide a guide for navigating these diverse legal landscapes. 

CQUEST Whitepaper

27 February 2024

The Bank of England is working to ensure that the financial sector in the UK is resilient to any disruptions to its operations.  The financial sector includes banks, building societies, insurers, and financial market infrastructure providers (FMIs). They carry out this work together with the UK’s two other financial authorities: HM Treasury and the Financial Conduct Authority.Operational disruption to important business services could impact financial stability, threaten the safety and...

GovAssure Whitepaper

31 October 2023

With an ever-growing threat facing HM Government (HMG), cyber security capability has become ever more important and critical to ensuring the UK remains safe and secure. GovAssure is an enhanced cyber security programme that has been implemented by HMG to ensure HMT IT systems are protected from this growing threat. GovAssure is run by the Cabinet Office’s Government Security Group (GSG), with input from the National Cyber Security Centre (NCSC). This whitepaper aims to explain and provide...

MoD Secure by Design Whitepaper

31 August 2023

There are very few threats that are faced by individuals, organisations and governments alike; at the precipice of them all, in our current age, are cyber-attacks. Any number of actors, be they state-backed, hacktivists or organised criminals, have the potential to circumvent the security procedures and barriers created to protect information of value.  The UK Ministry of Defence (MoD) has now released a new policy for managing the through-life cyber security of projects and programs, to...

CraftCMS Whitepaper

30 August 2023

In the ever-evolving landscape of cybersecurity, recent scrutiny has unveiled two critical vulnerabilities within CraftCMS, identified as CVE-2023-36259 (Stored XSS) and CVE-2023-36260 (DoS). The first vulnerability, CVE-2023-36259, highlights a Stored Cross-Site Scripting flaw stemming from deficient input validation within CraftCMS's Audit Plugin. Malicious actors are able to exploit this vulnerability by introducing malevolent JavaScript code during the user creation phase.

CREST OVS Whitepaper

29 August 2023

AMR CyberSecurity has recently been accepted into the CREST OVS scheme, demonstrating our commitment to maintaining the highest standards of cybersecurity excellence. CREST OVS is a quality assurance standard for the global application security industry, providing mobile and web app developers with greater security assurance and accredited organisations with enhanced access to the growing app development industry.    

Impacts of AI and MI on PCI DSS and Leveraging Technical Controls

28 July 2023

The rapid advancements in Artificial Intelligence (AI) and Machine Intelligence (MI) technologies have brought about a paradigm shift in various industries, including cybersecurity. As organisations increasingly adopt AI and MI solutions, it is crucial to assess their impact on compliance with the Payment Card Industry Data Security Standard (PCI DSS). This white paper aims to explore the profound implications of AI and MI on PCI DSS compliance and discuss how organisations can leverage these...

Supply Chain - Whitepaper

31 May 2023

In today's interconnected world, supply chain security has become an essential element of cybersecurity. As businesses increasingly rely on third-party vendors and suppliers, the potential for a breach or attack through the supply chain has become a significant concern. Organisations must understand the security implications of their supply chain and implement suitable controls to mitigate risks.

Purple Team - Whitepaper

31 May 2023

Martin Walsham from AMR CyberSecurity discusses the benefits of implementing a purple team assessment process and provides a high-level structured approach to implementation.

Incident Response - Whitepaper

15 February 2023

Tom Miller from AMR CyberSecurity describes how organisations can best defend against, detect and respond to cyber-attacks.    Many organisations are concerned about potential and actual cyber security attacks, both on their own organisations and through the supply chain. Dealing with cyber security incidents – particularly sophisticated cyber security attacks – can be a daunting, difficult task, even for the most advanced organisations.    The best way to shield against attack is to...

SolarWinds Orion Breach Research

15 December 2020

It recently been highlighted within the wider computer security industry that SolarWinds products are a supply chain risk. Specifically, the Orion platform are critically vulnerable to a remote attack known as “SUNBURST Backdoor” due to some legitimate products from the orgnisation being trojanised with malware during an update permitting a back door into orgnasitation's networks and the data contained on the platform. The SolarWinds Orion product is used to monitor and optimise IT...

Ransomware - It's Not An Attacker Fad

20 November 2020

With the growing trend of ransomware attacks on large established organisations and brands over the last quarter; such as IT service provider 'Sopra Steria' and more recently the beverage brand and manufacture 'Campari'. The Ransomware risk has shown no traction in stopping, or what industries and sectors are being targeted. With many organisations having to invest significance resource to manage this risk. AMR CyberSecurity has researched this risk and outlined the key information, risks...

Registered address
AMR CyberSecurity, 3000a Parkway
Whiteley, Fareham
Hampshire, PO15 7FX
© 2024 AMR CyberSecurity · Registered Company Number: 11551941