By Mike Buckley | Pre-Sales Consultant at Nettitude  

Firewalls have been around for what seems a very long time now. Firstly, they were considered in theory at the end of the 80s as a simple packet filter, but they soon progressed within a decade to a stateful offering, pioneered by the likes of Check Point with a usable front end.  It seems remarkable now that a Firewall that previously only inspected the first few packets of a connection to allow or deny was considered “next-gen”, but that’s just a measure of how far cybersecurity has moved on in the last twenty years. 

Whilst Check Point and Cisco ruled the market for a while, until Palo Alto came in and disrupted the marketplace with their application-based policies; there has been a big shift in how the Firewalls inspect traffic, and how policies have moved from traditional IP based rules to being able to allow particular users access to particular applications, enabling much more granularity and control.  Many more features have come (and in some cases gone) since then and of course now there’s an argument that there’s no perimeter any more, so what does that mean for the Firewall?

In this blog post, we’ll look at the function of modern firewalls and what’s in store for the future of firewall development and functionality.

By Nettitude  

At Nettitude we have the great advantage of seeing first-hand how organisations of all shapes and sizes approach cybersecurity. And like all good consultants, we are magpies; borrowing the best and worst of what we see and absorbing it into our accumulated knowledge. This approach means that when we advise our customers, we’re able to draw on a vast body of knowledge and experience, saving our customers’ time by avoiding the mistakes we have observed within other organisations.

In this blog post, we'll look at why the NCSC 10 Steps guidelines are a good place to start when evaluating your cybersecurity posture, as well as advice on how to implement these guidelines. 

By Nettitude  

Are your email habits putting you at risk? Email is one of the most common means of communication but is also an easily and widely abused system for providing entry points for attackers into our organisations. In particular, during the recent pandemic, we have seen a significant rise in the amount of Phishing attacks carried out by email, meaning organisations need to be even more vigilant.

Nettitude uncovered a recent Maritime campaign focused on manipulating behaviours and common industry practices to deliver malicious payloads and compromise networks. In the following blog post, we’ll go over our findings on a recent attack, as well as how to spot this type of attack and the best methods for responding.

By Craig Boyle |Senior Security Consultant at Nettitude  

An Introduction to Cloud Services

Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP) are the current leaders in Cloud Computing, and offer hundreds of services between them. The continuous expansion of features, inherent flexibility, and broad access offered by Cloud Computing are compelling reasons for its adoption, and organisations of all sizes are looking to migrate their workloads.

By Mike Buckley | Pre-Sales Consultant at Nettitude  

Security Information and Event Management (SIEM) Services have matured hugely in the last ten years. Moving from a compliance driven requirement, to becoming security best practice, SIEM Services are now recognised by various Security Frameworks. As the marketplace has developed, so too have the Managed Service offerings that protect SIEM technologies. As a result, it is no longer enough to deploy a SIEM technology with reliance on only the most basic of filtering to detect a potential threat.

This blog post will look at the development of Security Information and Event Management Services and will consider what additional security measures are now needed.

By Adrian Shaw | Senior Incident Response Consultant at Nettitude

Incident Response, in line with Information Security, is generally a challenge for a lot of organisations. Despite this, the good news is that cybersecurity is now being recognised as more of a crucial component of a business plan within organisations; many of which now have a programme in place to implement Incident Response capability. Whilst this is a step in the right direction, it should be ensured that these programmes should be iterative in order to facilitate the maturing of their capabilities.

When it comes to security testing, there are two very common tests that you may want to consider. The first is vulnerability testing and the second is penetration testing. This blog post aims to explain what each kind of test is, and then define the difference between penetration testing and vulnerability scanning.

By Mike Buckley | Pre-Sales Consultant at Nettitude

Are you confident your critical business systems are secure? Willing to bet your career on it? Whilst fairly easy to manage if you have the right systems and procedures in place, if your identity and access management controls are not configured correctly, it could be like leaving the front door of your house wide open. The challenge that many of our clients’ face is working out to what extent they need to configure access to their business-critical systems. With too many controls in place, it can be disruptive to work flow and cause projects to become overdue. However, with too much freedom, you risk compromise to those critical systems. So how do you get the balance right?

Below, we’ve compiled some of our expert in-house knowledge to help businesses get a better idea of how to strike a balance when it comes to identity and access management controls.

By Christopher Laing | Security Consultant at Nettitude 

Please note: The following blog post is relevant to our UK and European readers specifically, although the concept of identifying a data breach is relevant on a global scale.

In our line of work, we very often see businesses rush into panic mode when they suspect a data breach. From releasing confidential information to a body who does not have permission to view it, to secure systems being hacked, there are many ways that personal data can be exposed either intentionally by malicious activity, or unintentionally by internal staff. Whilst there are some simple best-practice housekeeping which can be applied to prevent such breaches, unfortunately, data leaks still happen. The key to handling such data breaches, is firstly, knowing how to identify one.

Whilst it can seem like a major disaster at the time, sending your workforce into panic mode, sometimes the mishandling of data isn’t yet a breach. In this case, knowing how to identify a data breach is your best asset, before having to cry wolf! In the following blog post, we’ll cover how you can identify a data breach, so that you can take the best appropriate action should your business ever suffer a breach (touch wood!).

By Graham Stevens | Incident Response Consultant at Nettitude

Most businesses of a certain size will have a range of plans & policies put in place to help them when disaster strikes. These are often referred to as business continuity and disaster recovery documents, which will outline how the business should recover from a natural or human-induced disaster, and will include how the business will continue to run & support critical services or functions, or how to recover their technology infrastructure.

In the following blog post, we will discuss how to prepare a disaster and recovery plan and go into some of the identifying factors between a cyber-incident and a cyber-emergency.