Nettitude Blog

When combined cyber security and information security help provide organisations with a modern day approach to building a strong security posture. The two security practices also help develop the organisation’s security resilience.

Weak security is a major flaw of most web applications. Leaving the business environment highly susceptible to cybersecurity attacks every day. Insecure applications provide a gateway for criminals to pivot directly into an organisation’s corporate environment. So why are the organisations leaving themselves vulnerable through poor web security practice? Moreover, how can companies strengthen their cybersecurity to develop programs that deliver the best web application technology and not compromise the app's security?

A cyber security audit conducted by Nettitude will provide your organisation with a high-level appraisal of your cyber security posture. You will receive a personalised report containing actionable advice and a clear set of guidelines to remediate any security threat or weaknesses identified. The audit will focus on your people, process, technology and policy.  

In today's cyber-obsessed world, you only have to scroll the web pages of your favourite online news agency to see that with a new day comes new reports of cyber attacks. From ransomware to phishing scams and state-sponsored attacks, it is clear that cybercrime is an increasing threat for all businesses and online users.

At Nettitude we have the great advantage of seeing first-hand how organisations of all shapes and sizes approach cybersecurity. And like all good consultants, we are magpies; borrowing the best and worst of what we see and absorbing it into our accumulated knowledge. This approach means that when we advise our customers, we’re able to draw on a vast body of knowledge and experience, saving our customers’ time by avoiding the mistakes we have observed within other organisations.

The world loves assessments. Be it the endless Top 10 lists on Facebook, from the Forbes 500 to the FT 1000 and more. Smaller assessments include a person’s annual physical, car inspections, report cards from school, and more. In the world of information security, a risk assessment is an invaluable method for a firm to determine their information security posture. There is a lot at stake when a firm performs a cyber security risk assessment, so it’s imperative that it be done right.

Want to learn how to do it right? Keep reading.

In March 2018, Lloyd’s Register (LR) acquired cyber security specialists Nettitude. 

If your organisation is compliant with PCI DSS, chances are you’re conducting penetration tests on an annual basis. This “ticks the box” from a PCI perspective, and your QSA will have no problems marking you as compliant – but is a box ticking penetration test really enough?

We live our lives hoping that we will never need to make claims on our insurance policies.  Whether that is home, motor, life or phone, making a claim generally means something isn't how it should be.  Ultimately, a policy is there to protect something of value to us, and as the world in which we lives changes, the information you have and the systems you run your businesses on are valuable assets too - so is now the time to think about cyber insurance?

Outsourcing PCI DSS controls to third parties can hugely support a merchant (or service provider) PCI DSS compliance program and can be a great thing if you want to leverage any SAQ reduction criteria, meaning you have less controls to complete yourself so less costs and less complexity; always a good thing, BUT you must have a handle on service providers if you want to take this route.