Nettitude consultant, Cory Stone, looks into phishing scams and how they can affect your business.
Risk Assessment is a core feature of most modern security considerations, including the PCI DSS. Featuring as Requirement 12.2, it splits into two parts:
- There is a documented process resulting in a formal, documented analysis of risk.
- The process is performed at least annually (or upon significant change)
Unlike other areas of the PCI DSS which are very prescriptive, this requirement on first reading doesn't really show much relationship to the rest of the PCI DSS, but don't be fooled.
The latest edition of our Perception report series is here, and it's packed full of information on the latest cyber threats, blockchain and advice about GDPR. It's free to download, and is a handy guide for those working in the finance sector. Here is a short summary of what you can expect to find in the report.
Being PCI compliant is an integral part of running a business when you deal, in any way, with credit card information. Nettitude audit and assess both service providers and merchants, and we help them maintain compliance year to year. PCI-DSS v3.2 is changing, here is what you need to know.
Many organizations have started to change the way they think and act about the topic of cyber security. They are now realizing that it's not about if they'll suffer a cyber breach, but when it will happen. This change in attitude towards cyber crime and the affect it can have means companies are being much more proactive, and making steps towards securing their financial and personal data. Here at Nettitude we look at the whole picture, and we educate organizations to not only look at implementing the latest technology but also the people and processes within the business. Here's a look at how the people and processes can help keep your business safe in 2018.
Take a guess at how many days it takes the average company to detect a cyber breach? Would you believe that it sits around the 214 day mark? That’s over 7 months where your data, your assets are at the hands of cyber criminals. Not to mention, once that attack has been spotted it can take a considerable amount of further days for that breach to be contained. By that point your business could have suffered irreparable damage, both from financial and personal data loss.
It's safe to say that 2017 has been an eventful year in the cyber security industry. As well as a steadily growing number of breaches across a multitude of organizations and industries, there have been some pivotal moments that have had a significant impact on the cyber security industry as a whole. We've looked back over the last 12 months and have chosen the top 5 events that have shaped the industry.
In a recent study conducted in collaboration with the University of Bradford, we put to the test static and dynamic detection of antivirus systems against malicious files and our results were significantly different from those achieved by av-test.org. We tested antivirus with malicious files on the day they were created. The tests performed by av-test.org used malware that had been in circulation for few days.
Proactive defense in cyber security is difficult to achieve. Nettitude’s research team investigated the use of deception technologies to gain further insight and intelligence of how they could be used to proactively protect an enterprise level environment. Its findings show that deception technologies are still immature. More effort needs to be invested into designing and engineering systems that can gather information in this area of research, and later transformed into actionable intelligence.
Nettitude Technical Researcher, Richard Dennis, has taken a look into how nearly four million Bitcoins have been lost forever.