Nettitude Blog

Evaluating Physical Security Controls with Pen Testing | Nettitude

Posted by Nettitude on Sep 22, 2020 4:45:20 PM

By David Lenehan | Managing Principal Security Consultant at Nettitude

Working on your company’s virtual IT security isn’t the only piece of the Information Security jigsaw puzzle. Whilst the bulk of your technical teams’ efforts should be filling in the centre of the jigsaw with things like firewalls, monitoring, endpoint protection, security testing, and more; an organisation's physical security can often get left behind. Whilst the centre of the puzzle is critical to your overall security infrastructure, if the little things like an unlocked server room or unauthorised access to the building is overlooked, then the whole security operation is jeopardised.

Below, we’ll step into the shoes of one of our expert Penetration Testers to find out his experiences with physical security failures and evaluate what went wrong, as well as what physical security measures need to be implemented in order to ensure a holistic cybersecurity plan is in place.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, Download Area, SEO Series

An insight into how Artificial Intelligence is used in Penetration Testing | Nettitude

Posted by Nettitude on Sep 18, 2020 5:00:19 PM

By Dai Kennett | Senior AI Researcher at Nettitude

With the digital era being well upon us, today’s state of affairs in the cybersecurity world have grown rather complex, in which there’s no exceptions for those of us who work in pen testing. Whilst traditional penetration testing techniques are still very much relevant to today’s reality, there’s no denying that there are many new tools, techniques and even new responsibilities that make penetration testing on the whole, a mammoth task. In light of this, it is become increasingly difficult for human teams to stay on top of these requirements in an effective way, in which it’s becoming more and more necessary to lean on technological automation in order to support our cybersecurity endeavours.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, Download Area, SEO Series

Endpoint Protection and Visibility – EPP & EDR | Nettitude

Posted by Nettitude on Sep 10, 2020 5:40:00 PM

By Mike Buckley | Presales Security Consultant at Nettitude

What is an Endpoint

Firstly, what is an endpoint? An endpoint is usually a device which communicates with the network to which it is connected. This can be a myriad of devices including, laptops, mobiles, tablets, servers etc. As the attack vectors vary hugely depending on where we focus, this blog will primarily target the laptop/desktop world. Risks to all endpoints may be similar, but the mitigations are very different.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, Download Area, risk assessment, SEO Series, endpoint protection, endpoint security, endpoint protection software

Technical Solutions for Data Loss Protection | Nettitude

Posted by Nettitude on Sep 1, 2020 4:32:59 PM

By Mike Buckley | Presales Security Consultant at Nettitude

There are a few important principles that should be keeping a responsible CIO/CISO awake at night. Most certainly, one of those would be the loss or leakage of business-critical data such as customer Personal Identifiable Information (PII) or financial details. One of the primary functions of their role is to recognise this and put into place processes and technical controls to lower the risk of that data being exposed. We only have to look in the media to see numerous examples of data breaches. Threat actors as we now call them have been trying to access data of various kinds stretching back into the 1980s when modems connected everything together. Unfortunately for the CIO/CISOs of today there are compliance frameworks such as GDPR which firmly put the burden of responsibility on their shoulders.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Security Testing, Cyber Security Blog, Download Area, risk assessment, SEO Series, data protection solutions, data loss protection, data leakage protection

The Clock is Ticking - Data Breach Response Times | Nettitude

Posted by Nettitude on Aug 26, 2020 2:05:06 PM

By Graham Stevens | Incident Response Consultant at Nettitude 

GDPR has been with those of us in Europe since May 2018, and in that time, we have seen a number of eye-watering fines being issued by the Information Commissioner's Office (ICO) here in the UK. This has for the most part been for data breaches and general carelessness with personal data by numerous organisations. In fact between March 2019 and March 2020 the ICO took regulatory action 236 times, with 15 of these resulting in fines for businesses who were in breach of the data protection laws.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Cyber Security Blog, Download Area, SEO Series

PCI Compliance – What have we learnt in 2020? | Nettitude

Posted by Nettitude on Jul 29, 2020 10:48:26 AM

By Stuart Wright | Head of Information Security Consulting at Nettitude

We are now over halfway through 2020, and it is fair to say that this has been an unusual year so far for everyone. Like many organisations, Nettitude has had to be agile in how we work, in which we have adapted to a whole new way of delivering consultancy. In addition, many of our clients have had to adapt their processes for how they receive assessments. As a result, we have all become very familiar with new ways of working and whilst this has been challenging to say the least, there is hope that it will create a new resilience in the way be approach challenges moving forwards. So how has the current climate affected PCI compliance? And what’s in store for the rest of 2020?

Below, we’ll take a look at some of the challenges faced around PCI compliance in recent months and reflect on what we’ve learnt, what needs to change, and the approach we’re taking to continue to ensure the effectiveness of our consultancy and assessment procedures.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Cyber Security Blog, Download Area, SEO Series

The Cost of Malware & its Impact on Business | Nettitude

Posted by Nettitude on Jul 21, 2020 5:03:17 PM

By Jenny Wu | Senior Incident Response Consultant at Nettitude

Malware in today’s world is a fact of life. As technology advances and devices are increasingly connected and evolving, so too are techniques and tools used to exploit this technology. With exploitation and malware rampant, the likelihood of your organization experiencing an attack and paying the price is set to increase.

Cyber-attacks and the damage they cause can be very costly to organizations. The costs of cyber-attacks are not limited to the immediate containment and eradication of threats. Operational costs, loss of revenue from downtime, emergency remediation and recovery solutions can exacerbate costs, not to mention the existence of intangible costs such as reputational loss. But what is the real impact of malware on business, and how can organization reduce its impact?

Read More

Topics: Cyber Security, Nettitude, Events, Security Blog, Cyber Security Blog, Download Area, SEO Series

The Importance of Network Security Consulting | Nettitude

Posted by Nettitude on Jul 17, 2020 2:30:59 PM

By Mike Buckley | Pre-Sales Consultant at Nettitude

In today’s busy environment, it’s becoming very rare for an organisations IT support team to be well resourced, with plenty of time on their hands. Having worked closely with our client’s IT Teams, one of the most frequent issues we hear about which poses a risk to an organisation’s cybersecurity is not having enough time. With cyber-threats constantly evolving, it is essential for IT teams to have time to attend training courses and gain experience on everything they are expected to support.

IT Support teams don’t have an easy job; they have to contend with a multitude of issues across a multitude of different technologies, all the while trying to appease their user base. Alongside other technologies that require in depth specialist knowledge, networks can be a particular challenge for IT teams.

In the following blog post, we’ll take a look at some of the most challenging issues that IT support teams in SME’s face, analyse the importance of making time for essential training and professional development, and examine the role of network security consulting.

Read More

Topics: Cyber Security, Nettitude, Security Blog, Cyber Security Blog, Download Area, SEO Series

Nettitude gain the STAR-FS accreditation

Posted by Nettitude on Jun 16, 2020 4:09:44 PM

By Ben Turner | Managing Principal Security Consultant at Nettitude  

We're pleased to announce that Nettitude have been listed as the first STAR-FS accredited company that are able to deliver both ‘Threat Intelligence’ and ‘Intelligence-Led Penetration Testing’ Services.

STAR-FS is a new regulatory tool used to assess the effectiveness of a firm’s cyber capability and risk profile. This assessment created by CREST is designed to be delivered by the Threat Intelligence (TI) and Penetration Testing (PT) providers. STAR-FS was designed to deliver similar outcomes to that of CBEST while being less onerous and resource intensive on the regulatory services that back it up.

So what does this mean for our customers within the financial services sector? In the following blog post, we'll discuss the details of the STAR-FS accreditation and how this will impact on our future business within the financial sector. 

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Cyber Security Blog, Download Area, SEO Series

A Guide to the Fundamentals of Infrastructure Penetration Testing

Posted by Nettitude on Jun 9, 2020 5:01:30 PM

By Tom MacDonald | Senior Security Consultant at Nettitude  

As more organisations begin to understand the importance of maturing their cybersecurity strategy, focus is shifting away from a more ‘compliance-based’ plan and is logically developing towards a reactive security posture with a more modern, proactive and continual assurance approach. Infrastructure penetration testing is a crucial part of an ongoing security assurance programme, as well as being a distinct step in the journey from  

In the following blog post, we’ll cover the reasons why an organisation would need an infrastructure penetration test, as well as the key as well as the key considerations that need to be made in advance of one.

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Cyber Security Blog, Download Area, SEO Series

About Nettitude

Nettitude is the trusted cybersecurity provider to thousands of businesses around the world. We stop at nothing to keep your data and business secure in an age of ever-evolving cyber threats.

In 2018, Nettitude became part of The Lloyd's Register Group, an 8,000 person strong professional services organisation, with 300 years of heritage in safety and risk management. Nettitude now provides true global coverage, through a network of over 180 offices strategically placed around the globe.

Subscribe Here!

Recent Posts