LRQA Nettitude Blog

How to Prepare for ISO 27001 Certification

Posted by LRQA Nettitude on Nov 29, 2023 5:21:14 PM

In an era where data is the lifeblood of organisations, safeguarding sensitive information has never been more crucial. ISO 27001 is a guiding light for organisations navigating the intricate landscape of information security.

Originating from the International Organisation for Standardisation (ISO), this framework provides a systematic approach to managing and protecting valuable data assets. From confidential customer information to proprietary organisation processes, ISO 27001 offers a structured methodology to identify, assess, and mitigate risks associated with information security.

Read More

Topics: ISO 27001

Testing Your Cyber Incident Response Procedure

Posted by LRQA Nettitude on Oct 31, 2023 10:31:58 AM

Having an effective cyber incident response procedure is essential to ensure businesses remain resilient against malicious attacks. As the focus shifts more towards cloud and online operations, organisations must proactively identify potential risks before they can become a damaging data breach or other cybersecurity issues. But how can organisations make sure that their cyber incident response procedures are sufficient? Testing your organisation’s strategy for identifying, responding to, and mitigating incidents should be a key element of ensuring digital safety and security. 

Read More

Cybersecurity Know-How: Protecting Your Mobile Apps

Posted by LRQA Nettitude on Oct 30, 2023 5:26:19 PM

Dependency on mobile apps for daily tasks has increased exponentially. However, this has also made mobile applications an attractive target for cybercriminals seeking access to confidential information. This is why it's imperative to understand the importance of protecting our mobile apps.

To safeguard sensitive data, businesses must prioritise mobile application security and protect it from potential cybersecurity threats. Unfortunately, cybercriminals are constantly evolving their tactics and are targeting mobile apps as a gateway to gain access to sensitive data. Therefore, businesses must ensure their mobile apps are secured from cybersecurity threats. This blog explores the various threats that mobile apps face and explains how mobile app penetration testing can help mitigate these vulnerabilities.

Read More

Topics: Penetration Testing, Web Application Penetration Testing Tools, Web App Penetration Testing

What is Threat Modelling? | LRQA Nettitude

Posted by LRQA Nettitude on Sep 29, 2023 5:57:04 PM

Businesses of all sizes are vulnerable to cyber threats, from data breaches to cyber attacks. The consequences of a security breach can be devastating, resulting in the loss of sensitive data, reputational damage, and even legal implications. To minimise the risk of such incidents, organisations need to take a proactive approach to their cybersecurity strategy. One way to do this is through threat modelling.

Read More

Topics: Threat Landscape, Threat Modelling

Deception as a method of early detection | LRQA Nettitude

Posted by LRQA Nettitude on Sep 28, 2023 12:10:50 PM

Deception technology is a simple but effective method of active defence which builds upon the concept of honeypots, a sacrificial system intended to attract cyberattacks.

Read More

Topics: Deception Technology, Cyber Detection Technology, What is a honeypot, honey potting

How to Recover From a Data Breach: The Steps To Take

Posted by LRQA Nettitude on Jun 30, 2023 6:30:00 PM

A data breach could take over 100 days to be spotted. An additional 60 days may be needed to recover from it. However, you can recover from a breach within 30 days with a recovery plan, saving you resources. Your recovery team’s swift reaction to any signs of a data breach will help you recover as soon as possible.

Read More

Topics: Penetration Testing, cybersecurity, Data Breach, network security, data privacy security

7 Cybersecurity Best Practices for Employees

Posted by LRQA Nettitude on Jun 30, 2023 11:35:16 AM

As the use of technology in the workplace continues to grow, so does the importance of cybersecurity. Large corporations are frequently targeted by hackers, but smaller enterprises may be even more appealing targets as they may not be able to devote as much attention to setting up cybersecurity protocols and are thus simpler to breach. Despite the increasing awareness of cybersecurity threats, many employees still do not take the necessary precautions to protect their data and devices.

Read More

Topics: cybersecurity training courses, Cybersecurity training

PCI DSS 4.0 Migration for Merchants and Service Providers | LRQA Nettitude

Posted by LRQA Nettitude on May 31, 2023 7:51:38 PM

 

Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) was released at the end of March 2022. At the time of writing, we now have less than one year until the previous version, 3.2.1, is retired and can no longer be used for new assessments.

Read More

Topics: PCI Compliance, PCI DSS 4.0, PCI DSS, payment card industry security standards, PCI DSS Compliance

Challenges of Meeting ASV Scanning Requirements in PCI 4.0 | LRQA Nettitude

Posted by Nettitude on May 30, 2023 6:37:35 PM

 

If you've ever taken a credit card as payment for anything, then you've probably heard of the Payment Card Industry Data Security Standard (PCI DSS). This defines a set of requirements for merchants and service providers to protect their customers' payment card data. The importance of PCI DSS lies in the fact that it helps to protect sensitive data which could have huge ramifications should it fall into the wrong hands. This includes information such as credit card numbers, names, addresses, and other personally identifiable information.

Read More

Topics: PCI Compliance, PCI DSS 4.0, PCI DSS, payment card industry security standards, Vulnerability Scanning, Approved Scanning Vendor, asv scanning, PCI DSS Compliance

The Dangers of Social Engineering Attacks in Cybersecurity | Nettitude

Posted by Nettitude on Apr 29, 2023 6:54:01 PM

 

A social engineering attack refers to any type of attack where deception, manipulation or coercion is used to elicit information or access from a person for their own purposes. Social engineering refers to any technique used by a threat actor that focuses on people and process, rather than on technology. The most common form of social engineering attack is a phishing email that tricks victims into giving up personal information such as passwords and credit card details. Phishing often masquerades as an official corporate email from an organisation's CEO or another trusted person within the company.

Read More

Topics: Penetration Testing, Social Engineering, Social Engineering Attack

Subscribe Here!

About Nettitude

Nettitude is the trusted cybersecurity provider to thousands of businesses around the world. We stop at nothing to keep your data and business secure in an age of ever-evolving cyber threats.

Recent Posts

Posts by Tag

See all