LRQA Nettitude Blog

By Jenny Wu | Senior Incident Response Consultant at LRQA Nettitude

In 2019, 12,174 new vulnerabilities[1] were reported to MITRE, and cybersecurity-related attacks are expected to cost over $6 trillion USD in damages globally by 2021[2]. These numbers show that the threats in today’s world are only increasing. Threat actors and their tactics are evolving to be more sophisticated than ever, outwitting static alerts and traditional means of detection.

Organizations are facing increasing pressure from all sides to meet cybersecurity requirements and protect the business: government bodies, compliance organizations, partners, clients, and leadership. In order to manage and successfully mitigate these threats, organizations must be poised to detect them; however, detection requires skilled personnel and smooth processes combined with the appropriate technology to combat these ever-growing and evolving threats. SOC monitoring is an organization’s best ally in detecting these threats.

By Joe Donohue | Senior Information Security Consultant at LRQA Nettitude

For many defense suppliers, CMMC is another compliance headache. So, being asked to adopt a new set of practices is a tall order, especially for those organizations that recently put in a tremendous effort to meet the requirements of the NIST 800-171 framework. Fortunately, rather than being a massive change in direction, CMMC is the next logical step in the United States Department of Defense's (DoD’s) drive to secure its supply chain. So, with the proper approach, your organization can gracefully meet this new challenge and benefit by becoming more secure and resilient in the process.

By Jenny Wu | Senior Incident Response Consultant at LRQA Nettitude

Malware in today’s world is a fact of life. As technology advances and devices are increasingly connected and evolving, so too are techniques and tools used to exploit this technology. With exploitation and malware rampant, the likelihood of your organization experiencing an attack and paying the price is set to increase.

Cyber-attacks and the damage they cause can be very costly to organizations. The costs of cyber-attacks are not limited to the immediate containment and eradication of threats. Operational costs, loss of revenue from downtime, emergency remediation and recovery solutions can exacerbate costs, not to mention the existence of intangible costs such as reputational loss. But what is the real impact of malware on business, and how can organization reduce its impact?

By Mike Buckley | Pre-Sales Consultant at Nettitude

In today’s busy environment, it’s becoming very rare for an organisations IT support team to be well resourced, with plenty of time on their hands. Having worked closely with our client’s IT Teams, one of the most frequent issues we hear about which poses a risk to an organisation’s cybersecurity is not having enough time. With cyber-threats constantly evolving, it is essential for IT teams to have time to attend training courses and gain experience on everything they are expected to support.

IT Support teams don’t have an easy job; they have to contend with a multitude of issues across a multitude of different technologies, all the while trying to appease their user base. Alongside other technologies that require in depth specialist knowledge, networks can be a particular challenge for IT teams.

In the following blog post, we’ll take a look at some of the most challenging issues that IT support teams in SME’s face, analyse the importance of making time for essential training and professional development, and examine the role of network security consulting.

By Nettitude Communications Team

As most of our clients will now be aware following the recent press release, we are pleased to announce that Karen Bolton has been appointed as the new CEO of Nettitude. As with any changes that an organisation faces, you may have questions about the new appointment and how it will affect the future of the business, as well as the impact on our clients. First and foremost, we would like to stress that whilst we may introduce some small structural changes as part of our international growth plans, Karen’s mission for the future of Nettitude remains entirely consistent with our founder Rowland’s original vision when he formed the company in 2003.

In the following blog post, we’ll provide a bit more information about Rowland Johnson’s new focus within the business and the role Karen will play in the future growth of the organisation.

By Elisa Cassi | Cyber Product and Services Manager

Enabling safer and more resilient infrastructures

Lloyd’s Register Foundation and the University of Oxford, with contributions from Nettitude and a wide-range of industry players, have recently published a foresight review of Operational Cybersecurity for the Industrial Internet of Things [IIoT]

By Nettitude Communications Team

Global cybersecurity services provider Nettitude today announced that Karen Bolton, EVP Americas and Chief Marketing Officer, will replace Founder Rowland Johnson as Chief Executive Officer, effective immediately.

Applications can come in all shapes and sizes. We use them every day when we browse the web and we may have hundreds on our phones, but they all have one thing in common; if they can be interacted with, they are potentially a target.

Just how targeted and by whom is going to be dependent on many factors such as whether the app is available publicly, as well as what sector your organisation works in. The combination of factors such as these will make your applications more or less likely to be targeted by specific threat groups, e.g. a disgruntled employee or organised crime. Understanding where your threat comes from is important for your business and typically all applications, even those such as a third-party hosted WordPress site, will likely have one or more associated threat groups. To stay proactive with security, application penetration testing can be used to identify vulnerabilities in your applications, determine likely threat groups, and help you understand your current risk.

If you are reading this, then you may already be familiar with app penetration testing as a recommendation for your business. This post will discuss the types of testing there are, what may be suitable for your specific situation and what the app pen testing service is at its core.

By Shai Canaan | Principal Security Consultant at Nettitude

The state of California will start enforcing the California Consumer Privacy Act (CCPA) Assembly Bill 375 (AB 375) on July 1^st 2020. This California privacy law legislation is, as its name suggests, privacy specific and aims at protecting the information of residents of the state of California - or as its language refers to them, “California consumers”.

By Nettitude  

Aside from the luxury conveniences onboard many superyachts, modern vessels utilise networked technologies in order to provide faster, more accurate, and more convenient operations. Whilst all of these modern conveniences have been a game changer for the superyacht industry, this connectivity can often unfortunately bring with it, new threats to the security of the vessel, its crew, and its passengers, while additionally bringing unique marine-specific challenges in terms of systems maintenance.

Based on first hand security assessments conducted by Nettitude on a wide range of vessels, this blog post aims to express the current threat landscape for superyachts, likely tactics of threat actors, common security issues, and marine-specific challenges in maintaining secure systems and networks.