LRQA Nettitude Blog

Rowland Johnson, Nettitude’s Chief Executive was invited by HM Government to provide evidence to the Joint Committee on National Security Strategy. The session was televised and is viewable on the UK parliamentary website here.

Every day, over 3 million records are compromised from companies around the world. The fact is that cyber threats are no longer a question of IF, but WHEN, a breach will occur. It is vital for your company to have a cyber security plan in place so that you are ready to act if your organisation experiences a data breach.

Due to continued expansion we are seeking a Network Operations Engineer to be based in our Leamington Spa, Warwickshire offices.

PCI DSS and I

Your company obtained PCI compliance. It could have been a journey which ended with a QSA audit, a self-assessment; or, as I saw in some cases, forsaken the PCI crown and decided to “eat” the risk.

So, What now?

Small and large organizations with PCI obligations have more than a Cardholder Data Environment (CDE) to worry about. There are always cyber security concerns involving systems availability, reputation, and also sensitive data concerns around Personally Identifiable Information (PII), healthcare related data, Intellectual Property (IP), regulatory requirements etc.

A recap of RSA 2017

In my blog piece in January, An advance look at RSA 2017, I wrote of what attendees could expect in advance of the RSA 2017 conference to ensure they made the most of their time there.

I wrote of the importance of wearing comfortable shoes, as there’s a lot of walking at RSA. With events in the south, north and west Moscone Center buildings and also two blocks away at the Marriott Marquis, combined with the long expo floor aisles; I am surprised podiatrists didn’t set up shop outside the convention center.

Like everyone, I left the conference with extreme information overload, sore feet, and much more educated about the current and future states of information security.

Nettitude is a 120 man organisation with offices in the UK and US.  We deliver cutting edge cyber security services to some of the largest and most widely trusted organisations in the world.  We help organisations understand the risks from cyber and provide proactive guidance on how to reduce this risk through a series of professional services engagements.

I am sure many of you are reading this title thinking "what is he talking about, v3.2 went live ages ago" and you would be correct, however version 3.2 of the PCI DSS continues with the concept of future requirements, meaning the one year countdown to the 31^st January 2018 has begun.

February will see a series of events organised as part of Parliament’s Cyber Security Month, which is aimed at raising awareness of the importance of cyber security as an issue that those in Parliament need to address in their personal and professional lives.

As an ex-serviceman myself, I’m often approached by numerous service leavers who’ve asked how they can best prepare themselves for a career as an IT Security Consultant (AKA Penetration Tester / Ethical Hacker).

By Ben Rothke, CISSP PCI QSA

The RSA conference is about a month away and I am already looking forward to it. As the largest and one of the most influential information security conferences, it has turned into the go-to event of the information security season. Pretty much every player, big and small, in the information security world will be there.

RSA has long been the conference to get up to date information from security practitioners about current issues and threats. Now that the agenda for 2017 is available, four of the key topics for this year’s conference are on: