Nettitude Blog

January 1, 1970 12 AM

SOC Alerts - Reducing False Positives & Negatives | Nettitude

Posted by Nettitude on Nov 26, 2020 2:14:19 PM

By Dan Ryder, Jamie Roderick and Simon Robinson |  Nettitude SOC

In an ideal world, every cybersecurity alert received in a SOC would be malicious; displayed with context and enriched so that it would be immediately obvious to an analyst what has occurred, and there would be automation and task orchestration to deal with the threat and self-heal the network. But then, in an ideal world, there probably wouldn’t be any SOC alerts because the security posture of an organisation would make it invulnerable to attack or compromise, and there would be no malicious actors either.

In the following post, we’ll take a look at the absolutely key processes to review, update and assure SOC cyber threat detection, reduce false positives and improve your SOC's capabilities on a continuous basis.
This is delivered by our team of SOC Monitor experts, with over 30 years combined experience across Enterprise Network Security, protecting Critical National Infrastructure and industry leading security monitoring for financial FTSE 250 companies. We'll cover the important questions you need to ask yourself in ensuring your team keep up with Threat Actors, enable your teams situational awareness and empower your SOC across the following areas:

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, SEO Series

TIBER-EU – Global Regulatory Frameworks Compared | Nettitude

Posted by Nettitude on Nov 25, 2020 4:53:59 PM

By Nettitude

In our previous post in the ‘Global Regulatory Frameworks Compared’ series, we looked at the UK’s financial regulatory framework – CBEST. The CBEST framework which was brought in by BoE and the Financial Conduct Authority (FCA) in 2014 was the first step in a series of more proactive measures to combat the misalignment of cybersecurity standards across the board.


Four years later, TIBER-EU was published by ECB and the EU national central banks and approved by the Governing Council of the ECB. This was driven by the apparent need that other intelligence led assurance programmes have enhanced the resiliency of various financial systems. Consequently, multiple regulators around the world started to explore, creating their own frameworks.


Recognising the challenges of having multiple competing frameworks, the ECB decided to look at building a pan-European framework that could be leveraged across the whole of the Eurozone. Below, we’ll explore the TIBER- EU regulatory framework and analyse how it holds up against its global counterparts.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog

How to Approach the IMO Cyber Requirements | Nettitude

Posted by Nettitude on Nov 23, 2020 10:16:02 AM

By Elisa Cassi | Product Development Manager at Nettitude

Cybersecurity is reaching the top of the agenda for many maritime organisations as IMO’s requirements for integrating cyber risk into onboard safety management systems come into force on the 1st of January 2021. The sector is already familiar with the concept of risk and with the creation of a risk management plan. What is required now is to include the cyber risk in the management plan.

But is this cyber risk real in the sector? We believe that “Yes” is the definitive answer and the IMO requirements will play a role in raising awareness of the online threats faced.

In this blog post, Nettitude provides a short summary of what shipowners and ship managers need to do to satisfy the new requirements and at the same time improve their cybersecurity posture.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, IMO Campaign

6 Ways to Secure your Website with Pen Testing in 2020 | Nettitude

Posted by Nettitude on Nov 20, 2020 1:43:11 PM

By David Parsons | Security Consultant at Nettitude

With the improvements of vulnerability scanners and the ever-increasing proficiency of software such as WAFs and Intrusion Detection Systems, you may be asking yourself whether Penetration Testing is still a relevant way to ensure the security of your website in 2020. The following article discusses several proactive security considerations you should make when either creating, or maintaining a website and how Penetration Testing can be useful in this process.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, SEO Series

CBEST – Global Regulatory Frameworks Compared | Nettitude

Posted by Nettitude on Nov 17, 2020 5:11:53 PM

By Nettitude

‘Houston, we have a problem…’

The operational resiliency of the financial services sector is of paramount concern to governments and regulators across the globe. A catalogue of high-profile breaches suggests that board level engagement and awareness of how to prepare and respond to a cyber event is frequently misunderstood or inadequate. Although these boards believe that they are taking steps to combat the cyber threat, their strategies are frequently poorly grounded and misaligned.

To address this, a number of regulator-driven frameworks for assessing financial institutions cyber preparedness, protection, detection and response capabilities has matured, and proliferated across multiple regions around the globe. In this five-part blog series, we’ll outline the main regulatory frameworks for the UK, Europe, Singapore and Hong Kong. In the first post, we’ll take a look at the UK’s regulatory framework – CBEST.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, SEO Series

Privilege Escalation Vulnerability- Electronic Arts (EA) Origin | Nettitude

Posted by Nettitude on Nov 5, 2020 1:20:22 PM

By Nettitude

Electronic Arts (EA) Origin is an online platform that allows users to purchase and play video games on desktop and mobile platforms.  It’s currently used by millions of gamers around the world.  Earlier this year, we identified a vulnerability affecting the EA Origin Windows client. 

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, SEO Series

The 3 Phases of an Incident Response Process | Nettitude

Posted by Nettitude on Oct 27, 2020 3:28:58 PM

By Adrian Shaw | Senior Incident Response Consultant at Nettitude

Over recent months, Nettitude have noted a sharp increase in cybersecurity incidents within our client base, alongside the unfolding of the on-going Covid-19 pandemic. One cause seems to be issues caused during the migration to remote working by workforces, in which organisations have been left vulnerable. In any event, it now seems timely to talk about the Incident Response process and how an organisation can mature their Incident Response capability.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, SEO Series

What cyber-resilience measures are the regulators looking for from financial organisations? | Nettitude

Posted by Nettitude on Oct 15, 2020 11:15:05 AM

By Nettitude

While cybersecurity attacks are detrimental to any organisation, financial institutions are one of the most vulnerable industries to be targeting in terms of the damage that can be caused. A staggering 46% of businesses in the UK have reported a cyber-attack in the past 12 months alone, however, statistics show that there has been a 238% rise in global cyber-attacks on banking institutions since the beginning of the pandemic. As financial institutions rely on the trust and credibility they establish with clients, the possibility of a cyber-attack can threaten this premise on a daily basis. What’s more, as technology continues to develop and more and more clients adopt digital banking practices, the risks from cyber-attacks on banks becomes larger, in which organisations that facilitate monetary transactions and other financial movement, have a duty to play a critical role in fostering financial stability.

In light of this, the regulators are continually adapting their approach in order to identify what resilience measures organisations should be proactively putting in place.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, SEO Series

APT Groups Exploiting COVID 19 Through Malware Campaigns | Nettitude

Posted by Nettitude on Oct 7, 2020 6:30:00 PM

By Paul Hood | Senior Threat Intelligence Analyst

Throughout 2020, a surge in malware and ransomware campaigns have been detected using coronavirus-themed lures to strike a wide range of sectors across the globe. The global COVID-19 developments alter the threat landscape significantly for worldwide organisations, particularly given the confluence of trying circumstances such as remote working, short-staffing due to furlough and the pressing need to share accurate and timely updates on the pandemic.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, SEO Series, malware campaign, ransomware campaign, covid malware

Evaluating Physical Security Controls with Pen Testing | Nettitude

Posted by Nettitude on Sep 22, 2020 4:45:20 PM

By David Lenehan | Managing Principal Security Consultant at Nettitude

Working on your company’s virtual IT security isn’t the only piece of the Information Security jigsaw puzzle. Whilst the bulk of your technical teams’ efforts should be filling in the centre of the jigsaw with things like firewalls, monitoring, endpoint protection, security testing, and more; an organisation's physical security can often get left behind. Whilst the centre of the puzzle is critical to your overall security infrastructure, if the little things like an unlocked server room or unauthorised access to the building is overlooked, then the whole security operation is jeopardised.

Below, we’ll step into the shoes of one of our expert Penetration Testers to find out his experiences with physical security failures and evaluate what went wrong, as well as what physical security measures need to be implemented in order to ensure a holistic cybersecurity plan is in place.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, Download Area, SEO Series

About Nettitude

Nettitude is the trusted cybersecurity provider to thousands of businesses around the world. We stop at nothing to keep your data and business secure in an age of ever-evolving cyber threats.

In 2018, Nettitude became part of The Lloyd's Register Group, an 8,000 person strong professional services organisation, with 300 years of heritage in safety and risk management. Nettitude now provides true global coverage, through a network of over 180 offices strategically placed around the globe.

Subscribe Here!

Recent Posts