S-RM - Experts & Thought Leaders

Renowned global intelligence and cyber security consultancy - S-RM has promoted Casey O’Brien to Global Head of Incident Response (IR). Casey’s appointment reflects the firm’s continued investment in its international cyber practice and its ability to support clients worldwide, around the clock.  Casey will work closely with Joani Green, Chief Information Officer, to deepen collaboration between regional teams, streamline ways of working, and enhance the firm’s use of technology and intelligence sharing across borders. S-RM’s global delivery model sits at the centre of its IR offering. By building high-performing teams across EMEA, APAC and North America, the firm is able to respond to cyber incidents at any hour, rapidly mobilise specialist support, and minimise operational disruption for clients. Casey’s appointment Casey’s appointment marks the next stage in the growth of S-RM’s cyber practice, which continues to see rising global demand for rapid, multi-disciplinary response capabilities. As cyber incidents become more complex and impactful, clients are seeking providers with seamless global coverage, strong operational discipline, and demonstrable expertise across digital forensics, threat intelligence and crisis management. Coordinated responses across time zones Casey O’Brien, Global Head of Incident Response at S-RM, said: “In my new role, my focus is to bring our global team even closer together, working more effectively as one unit. Alongside Joani, I’ll be sharpening the processes that enable fast, coordinated responses across time zones.” “We’ll continue to expand our use of technology so our investigators and delivery teams can work more efficiently, providing clients with clearer answers at pace and helping them return to normal operations quickly. I’m excited to continue working with some of the most talented people in the industry and to help build a truly global incident response practice. We have a team that is collaborative and committed to excellence, and I’m proud to be part of it.” 

Global cyber risk consultancy S-RM has reported a sharp increase in ransomware incidents exploiting SonicWall firewall devices with SSL VPN enabled. The activity, tied to the Akira ransomware strain, is impacting organisations worldwide and has knock-on effects for everyday users. The warning comes amid heightened national debate around the UK Government’s Online Safety Act and the security implications of VPN usage. S-RM says the latest attacks are a timely reminder that while VPNs can be essential security tools, poorly configured or incompletely patched VPN infrastructure can be a gateway for cybercriminals. S-RM’s investigation Key points from S-RM’s investigation include: The Akira ransomware group is exploiting incomplete remediation of the earlier software vulnerabilities to gain initial access, even on devices that have been patched Post-compromise tactics include privilege escalation on SQL servers, creation of local accounts, network reconnaissance, data exfiltration, and ransomware deployment Files encrypted by Akira carry the extensions ‘.arika’ or ‘.akira’ Enterprise infrastructure breaches Ted Cowell, Head of Cyber Security UK at S-RM, comments: “These cases show that patching alone is not a silver bullet. If you don’t reset credentials, enforce MFA across the board, and actively hunt for suspicious activity, you could already be compromised.” “While the attacks are aimed at enterprise infrastructure, the fallout doesn’t stop there. Breaches can cause service outages, lock people out of online banking, delay healthcare appointments, or disrupt remote work. The message is simple: whether you’re a business or an individual, VPN security matters – and the Online Safety Act debate should remind us that how we configure and maintain these tools is just as important as whether we use them.” S-RM urges all organisations using SonicWall SSL VPNs to: Update firmware to the latest version Reset all user and service account passwords Enforce MFA for all accounts Remove unused accounts Conduct immediate threat hunting for signs of compromise

Global cyber security and corporate intelligence consultancy S-RM has announced a new channel distribution partnership with cyber security solutions provider and distributor, Distology. Distology represents best-in-class cyber security vendors and supports an extensive network of resellers across the EMEA region. This partnership will enable Distology’s network to access S-RM’s global, award-winning, cyber incident response services.   Incident response team S-RM has the largest dedicated incident response team in the UK, responding to over 500 incidents a year. They have a unique set of in-house capabilities that enable them to manage an incident end to end, which includes a dedicated restoration team to support the recovery of complex networks, and full threat actor negotiation support. The UK team is supported by full-service incident response teams in the US, Netherlands, and Singapore, enabling a ‘follow the sun’ model – and 24-hour support – for incident response. A dedicated incident response team can be assembled in as little as six minutes. Cyber protection S-RM's capabilities align with Distology’s, providing quality solutions to protect organisations from cyber threats S-RM’s brand is widely respected within the insurance sector, and the firm is an approved panel vendor with most UK insurance companies. This means that partners can distribute their services with confidence, without caveats, and knowing that they can sit alongside existing cyber insurance. S-RM's capabilities align with Distology’s, providing quality solutions to protect organisations from cyber threats. Both firms place client service at the heart of their offering and have built up trusted relationships with key partners. Incident response and cyber consultancy services David Whiteley, Head of Channel Sales at S-RM, said, "I'm excited to launch our partnership with Distology, one of the pioneering names in cyber security distribution." "This collaboration marks an important step for us as we work together to expand the reach of our award-winning incident response and cyber consultancy services into partners in the UK and Europe." Brand presence “Over the past decade, I've watched Distology build an impressive brand presence. Their innovative thinking and attention to detail mirrors what we’ve built at S-RM. This partnership showcases the hard work and shared vision both companies have invested to bring something special to the market." “Distology’s wide-reaching network and industry know-how make them an ideal partner as we aim to increase our support to the channel in taking market-pioneering services to their clients.” Cyber security incident response Lance Williams, Chief Technology Officer at Distology, said, “I am delighted to welcome S-RM into the Distology portfolio. They are a premier brand in cyber security incident response, helping hundreds of organisations in their greatest hour of need." "It is no wonder S-RM is growing rapidly and we know our stakeholders will be excited to work with a firm with a proven pedigree in incident response.”