LRQA Nettitude Blog

Healthcare Cyber Threats in IoT Devices | Nettitude

Posted by Nettitude on Feb 25, 2021

By Matt Tryphona | Security Analyst at Nettitude

The Healthcare industry remains highly targeted by hackers due to the great deal of personal data that is used and handled on a day-to-day basis. One of the biggest cyber Risks within healthcare is IoT devices, as they can be used as a gateway for capturing sensitive data if not secured correctly.

When we think of an IoT device, you may think about smart-home devices, such as a smart plug, or smart bulb controlled from an app on your phone. We may even think of a ‘smart’ assistant controlled by our voice, which can do much more than just tell you the weather. The ‘smart’ assistants can act as an IoT hub that control our devices to provide a seamless futuristic experience.

It’s one thing for the security of devices in the home to be breached, but within a healthcare environment, this can have a detrimental knock on effect across the board in light of an increasing variety and severity of healthcare cyber threats. Below we’ll take a look at what IoT is, how it’s used within the healthcare industry, and how a security breach could impact the industry.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, SEO Series

Protecting Against Encrypted Cyber Threats | Nettitude

Posted by Nettitude on Feb 19, 2021

By Greg March | SOC Platform and Security Analyst at Nettitude

Technology is at the forefront of innovation with new hardware, software and AI breakthrough announcements on a daily basis. From the creation of the first computer (ENIAC developed in 1946) to the rise of IOT smart fridges, data remains the key to the interconnected world around us.

Over recent years, the rise in cyber-criminal activity has highlighted the pressures and importance of developing secure technology - whether that is for data in transit or at rest. Transport encryption such as SSL(secure Socket Layer)/TLS(Transport Layer Security) and HTTPS (Hyper Text Transfer Protocol Security) technologies are exactly that, they provide a secure method of transporting encrypted data from one machine to another, preventing unauthorized actors from stealing private information.

Although encryption was first developed with security and privacy in mind, hackers and cyber criminals of even low sophistication levels have incorporated the advantages of encryption in their attack techniques.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Cyber Security Blog, SEO Series

Cloud Native Security- What you need to know

Posted by Nettitude on Feb 12, 2021

By Mike Buckley | Pre - Sales Consultant at Nettitude

Transforming on-premise environments to the Cloud is not new, many organisations have already been through this process, and those that haven’t or are part way through should understand their strategy for doing so. While each organisation has their own business goals, those goals will loosely align with basic architectural requirements structured within the Cloud environment, whether that be IaaS, PaaS or SaaS or a combination of all. Gartner’s “Top Security and Risk Management Trends” highlighted “Cloud Native” as one of the three architectural building blocks of Cloud security transformation, alongside “SASE” and “Zero Trust”.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Cyber Security Blog, Cloud Native Security

Why PCI DSS Training in Retail is Essential

Posted by Nettitude on Feb 8, 2021

By Stuart Wright | Global Head of Compliance and Risk at Nettitude

Employee awareness of common security threats is a crucial line of defence when protecting your organisation from attacks. Within the retail sector, this is especially important as any security compromise could expose the payment details of thousands of customers.

For this reason, it is essential that retailers have a solid PCI DSS employee training programme in place that ensures employees know what best practice to follow to help prevent data leaks or cyber-attacks. But what should your training program look like? In this blog, we’ll try to shed some light on this and give some practical tips on how to approach this requirement.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, financial series

How Can Banks Protect Themselves from Cyber-Attacks? | LRQA Nettitude

Posted by Nettitude on Jan 29, 2021

By Matthew Gould

As our world advances, so does technology and the demand for easier access to the services we use and depend upon throughout our daily lives. Services that are provided by you as an organisation, whom your clients put their trust in to ensure their personal and financial data is protected. Along with the ever-changing technical landscape comes the inevitable race organisations are faced with to remain up-to-date and secure. As systems increase in size and complexity, so does the strain on resources and the ability to effectively safeguard your systems and the sensitive assets they retain.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, financial series

AASE – Global Regulatory Frameworks Compared | Nettitude

Posted by Nettitude on Jan 26, 2021

By Tim Percival - VP of Cyber, APAC & Anthony Long - Managing Principal Security Consultant

This month, the Saudi Arabia central bank has announced plans to incorporate open banking into their financial infrastructure. This move is set bring about many new opportunities as the Kingdom changes direction from their usual path of stability. The new plans will enable increased data-sharing, allowing customers and businesses to have more control over their finances and access bespoke financial services. 

With Singapore having already began to adopt open banking technology around 2016, it’s clear that Asia’s financial market is wasting no time when it comes to the latest technological advancements. Yet, with this adoption comes increased cyber-risks, rendering regulatory authorities all the more critical in stabilising the market.

In part four of the ‘Global Regulatory Frameworks Compared series, we’ll look at AASE – the cybersecurity guidelines created for the Singapore market by ABS (The Association of Banks in Singapore).

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, financial series

MAS Announce New Rules in Singapore – what does this mean for businesses?

Posted by Nettitude on Jan 22, 2021

By Tim Percival | VP of Cyber, APAC

After the recent cyber-attack on SolarWinds that exposed thousands of businesses across the world, the Singapore Monetary Authority (MAS) have stepped up measures to protect businesses in Singapore.

The new measures, which effect all financial services and e-payment firms, came into effect on Monday the 18th of January and introduce a new set of central banking rules to better mitigate technology risks. MAS have been actively working on the strengthening of cybersecurity standards for some time now, with measures including updating the MAS TRM guidelines. However, the recent breach of SolarWinds has meant that there’s new focus on implementing hardened cybersecurity measures with more emphasis on third party vendors.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, financial series

iCAST – Global Regulatory Frameworks Compared | LRQA Nettitude

Posted by Nettitude on Jan 7, 2021

By Nettitude

Happy New Year to all of our readers of the Global Regulatory Frameworks Compared Series! As a recap, in recent months, we have been taking a deep dive into the different regulatory bodies that govern the cybersecurity requirements of the Financial Sector. One of the key issues we’ve covered is the misalignment of cybersecurity standards across the board, which in turn led to the introduction of a pan-European framework that could be leveraged across the whole of the Eurozone – TIBER EU.

While the UK and Europe have a fairly coordinated approach with the CBEST and TIBER Frameworks, Asia has a slightly different approach. In part 4 of this series, we’ll be taking a look at the iCAST Framework, governed by the Hong Kong Monetary Authority (HKMA).

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, financial series

The FireEye Hack | What can you do to protect your organisation?

Posted by Nettitude on Dec 15, 2020

By Nettitude

With the recent hack of FireEye, there have been many questions circulating among Cybersecurity experts and the clients that they serve. At Nettitude we’re dedicated to providing the most robust and secure security practices to the people we serve.

In light of recent events, we’ve asked our security experts who, on a daily basis, are on the front lines of cybersecurity to answer the questions we received. We hope this information can help you keep yourself prepared, protected, and offer peace of mind that Nettitude is fully prepared to keep you protected.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog

How Security Awareness Training Can Reduce the Risk of Insider Threats | Nettitude

Posted by Nettitude on Dec 11, 2020

By Stuart Wright | Global Head of Compliance and Risk

When we think about “insider threats” to our organisations, it’s all too easy for our minds to conjure up clichéd images of elaborate plots from a spy film, where the rookie agent goes undercover to get inside information, and then saves the day with just a few minutes to spare. Or perhaps we think about corporate espionage, where an unscrupulous employee infiltrates a competitor by getting a low-level admin job and creeping around the office late at night stealing valuable data that will give their employer a competitive edge.

The reality of the insider threat is almost always a little less exciting, and certainly less dramatic incidents are far more commonplace than the dramatised examples above.

There’s also a lot we can do to try and protect against these attacks, and in this blog post, we’ll talk about some of the key things you should be considering to help address the insider threat.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, SEO Series

Subscribe Here!

About LRQA Nettitude

Through our connected portfolio of advanced cybersecurity solutions, LRQA Nettitude helps companies to identify and manage the vulnerabilities and threats that pose a risk to their business, building cybersecurity resilience and underpinning your business strategy with proactive measures.

Recent Posts

Posts by Tag

See all