By Elisa Cassi | Cyber Product and Services Manager
Enabling safer and more resilient infrastructures
Lloyd’s Register Foundation and the University of Oxford, with contributions from Nettitude and a wide-range of industry players, have recently published a foresight review of Operational Cybersecurity for the Industrial Internet of Things [IIoT]
Read More
Topics:
Cyber Security,
Nettitude,
Events,
Security Blog,
Cyber Security Blog,
Download Area
By Nettitude Communications Team
Global cybersecurity services provider Nettitude today announced that Karen Bolton, EVP Americas and Chief Marketing Officer, will replace Founder Rowland Johnson as Chief Executive Officer, effective immediately.
Read More
Topics:
Cyber Security,
Nettitude,
News,
Security Blog,
Cyber Security Blog,
Download Area
Applications can come in all shapes and sizes. We use them every day when we browse the web and we may have hundreds on our phones, but they all have one thing in common; if they can be interacted with, they are potentially a target.
Just how targeted and by whom is going to be dependent on many factors such as whether the app is available publicly, as well as what sector your organisation works in. The combination of factors such as these will make your applications more or less likely to be targeted by specific threat groups, e.g. a disgruntled employee or organised crime. Understanding where your threat comes from is important for your business and typically all applications, even those such as a third-party hosted WordPress site, will likely have one or more associated threat groups. To stay proactive with security, application penetration testing can be used to identify vulnerabilities in your applications, determine likely threat groups, and help you understand your current risk.
If you are reading this, then you may already be familiar with app penetration testing as a recommendation for your business. This post will discuss the types of testing there are, what may be suitable for your specific situation and what the app pen testing service is at its core.
Read More
Topics:
Cyber Security,
Nettitude,
News,
Security Blog,
Cyber Security Blog,
Download Area
By Shai Canaan | Principal Security Consultant at Nettitude
The state of California will start enforcing the California Consumer Privacy Act (CCPA) Assembly Bill 375 (AB 375) on July 1st 2020. This California privacy law legislation is, as its name suggests, privacy specific and aims at protecting the information of residents of the state of California - or as its language refers to them, “California consumers”.
Read More
Topics:
Cyber Security,
Nettitude,
News,
Security Blog,
Cyber Security Blog,
Download Area,
Marine and Offshore
By Nettitude
Aside from the luxury conveniences onboard many superyachts, modern vessels utilise networked technologies in order to provide faster, more accurate, and more convenient operations. Whilst all of these modern conveniences have been a game changer for the superyacht industry, this connectivity can often unfortunately bring with it, new threats to the security of the vessel, its crew, and its passengers, while additionally bringing unique marine-specific challenges in terms of systems maintenance.
Based on first hand security assessments conducted by Nettitude on a wide range of vessels, this blog post aims to express the current threat landscape for superyachts, likely tactics of threat actors, common security issues, and marine-specific challenges in maintaining secure systems and networks.
Read More
Topics:
Cyber Security,
Nettitude,
News,
Security Blog,
Cyber Security Blog,
Download Area,
Marine and Offshore
By Ben Turner | Managing Principal Security Consultant at Nettitude
We're pleased to announce that Nettitude has been listed as the first STAR-FS accredited company that are able to deliver both ‘Threat Intelligence’ and ‘Intelligence-Led Penetration Testing’ Services.
STAR-FS is a new regulatory tool used to assess the effectiveness of a firm’s cyber capability and risk profile. This assessment created by CREST is designed to be delivered by the Threat Intelligence (TI) and Penetration Testing (PT) providers. STAR-FS was designed to deliver similar outcomes to that of CBEST while being less onerous and resource intensive on the regulatory services that back it up.
So what does this mean for our customers within the financial services sector? In the following blog post, we'll discuss the details of the STAR-FS accreditation and how this will impact on our future business within the financial sector.
Read More
Topics:
Cyber Security,
Nettitude,
News,
Security Blog,
Cyber Security Blog,
Download Area,
SEO Series
As more organisations begin to understand the importance of maturing their cybersecurity strategy, the focus is shifting away from a more ‘compliance-based’ plan and is logically developing towards a reactive security posture with a more modern, proactive and continual assurance approach. Infrastructure penetration testing is a crucial part of an ongoing security assurance programme, as well as being a distinct step in the journey.
In the following blog post, we’ll cover the reasons why an organisation would need an infrastructure penetration test, as well as the key as well as the key considerations that need to be made in advance of one.
Read More
Topics:
Cyber Security,
Nettitude,
News,
Security Blog,
Cyber Security Blog,
Download Area
By Mike Buckley | Pre-Sales Consultant at Nettitude
Firewalls have been around for what seems a very long time now. Firstly, they were considered in theory at the end of the 80s as a simple packet filter, but they soon progressed within a decade to a stateful offering, pioneered by the likes of Check Point with a usable front end. It seems remarkable now that a Firewall that previously only inspected the first few packets of a connection to allow or deny was considered “next-gen”, but that’s just a measure of how far cybersecurity has moved on in the last twenty years.
Whilst Check Point and Cisco ruled the market for a while, until Palo Alto came in and disrupted the marketplace with their application-based policies; there has been a big shift in how the Firewalls inspect traffic, and how policies have moved from traditional IP based rules to being able to allow particular users access to particular applications, enabling much more granularity and control. Many more features have come (and in some cases gone) since then and of course now there’s an argument that there’s no perimeter any more, so what does that mean for the Firewall?
In this blog post, we’ll look at the function of modern firewalls and what’s in store for the future of firewall development and functionality.
Read More
Topics:
Cyber Security,
Nettitude,
News,
Security Blog,
Cyber Security Blog,
Download Area,
SEO Series
By Nettitude
At Nettitude we have the great advantage of seeing first-hand how organisations of all shapes and sizes approach cybersecurity. And like all good consultants, we are magpies; borrowing the best and worst of what we see and absorbing it into our accumulated knowledge. This approach means that when we advise our customers, we’re able to draw on a vast body of knowledge and experience, saving our customers’ time by avoiding the mistakes we have observed within other organisations.
In this blog post, we'll look at why the NCSC 10 Steps guidelines are a good place to start when evaluating your cybersecurity posture, as well as advice on how to implement these guidelines.
Read More
Topics:
Cyber Security,
Nettitude,
News,
Security Blog,
Cyber Security Blog,
Download Area,
SEO Series
By Nettitude
Are your email habits putting you at risk? Email is one of the most common means of communication but is also an easily and widely abused system for providing entry points for attackers into our organisations. In particular, during the recent pandemic, we have seen a significant rise in the amount of Phishing attacks carried out by email, meaning organisations need to be even more vigilant.
Nettitude uncovered a recent Maritime campaign focused on manipulating behaviours and common industry practices to deliver malicious payloads and compromise networks. In the following blog post, we’ll go over our findings on a recent attack, as well as how to spot this type of attack and the best methods for responding.
Read More
Topics:
Cyber Security,
Nettitude,
News,
Security Blog,
Cyber Security Blog,
Download Area,
SEO Series