Insights

Organisations across Europe are bracing for the full implementation of the NIS2 Directive (Network and Information Systems Directive 2). This updated legislation, which strengthens the security requirements for critical infrastructure, will become applicable by 18th October 2024. While it is an EU directive, its impact extends beyond the EU borders, affecting UK-based companies as well, despite the UK no longer being an EU member. 

In the fast-paced realm of cyber security, it's easy to assume that as new technologies emerge, the old ones fall away. Does this really apply to Cloud Security Posture Management (CSPM), with some questioning whether it's still relevant. Is CSPM dead, as some would suggest, or has it simply evolved into a more complex form? The short answer: CSPM is very much alive, but it now operates within a broader framework. Let’s explore what CSPM was designed to do, how it’s now integrated into Cloud-Native Application Protection Platforms (CNAPP), and why it remains the foundation for many of your cloud security challenges. 

In today's digital world, cyber security threats evolve at an alarming rate, making it increasingly difficult for businesses to keep up. Traditional methods such as Penetration Testing or Red Team Testing are often limited to one-off or periodic engagements, which while essential and valuable, may leave gaps in continuous visibility of exposure. This is where Continuous Threat Exposure Management (CTEM) steps in, offering a proactive, cyclical approach to ensure businesses are always ahead of the curve.  

Overview: A newly reported vulnerability in the Common Unix Printing System (CUPS) poses a significant security threat to UNIX-based systems, including Linux and macOS. Security researcher Simone Margaritelli has published the first of a series of blog posts detailing the issue, which can be exploited by sending a specially crafted HTTP request to the CUPS service. This vulnerability allows remote attackers to gain access to affected systems and execute arbitrary code, potentially escalating privileges and compromising critical assets.

The constant influx of CVEs (Common Vulnerabilities and Exposures) can make it difficult for businesses to keep up, leaving critical assets at risk. Added to this, organsations also have to deal with many other types of exposures, such as inappropriate identity permissions, or cloud platform misconfigurations. To address this challenge, Integrity360 is now offering Continuous Threat Exposure Management (CTEM) as a Service, providing organisations with a comprehensive solution to identify, prioritise, and manage the greatest risks to their critical assets, whether on-premises, in the cloud, or in a hybrid environment. 

New service addresses the resource gap that can result from CTEM

The Internet of Things (IoT) has transformed the way we connect and interact with technology, enabling devices from smart thermostats to industrial machinery to communicate seamlessly over the internet. However, with this connectivity comes a unique set of challenges in securing these devices and ensuring they aren't a gateway for cyberattacks. This is where IoT penetration testing comes in. 

The legal sector has seen a dramatic 77% increase in successful cyber attacks over the past year, with incidents rising from 538 in 2022/23 to 954 in 2023/24. This rise is largely due to the sensitive and valuable nature of the information that law firms hold, making them prime targets for cybercriminals.

In today’s fast-paced and technology-driven world, having a robust Business Continuity Plan is crucial. However, a Business Continuity Plan is not complete without a strong focus on integrating threat detection and response mechanisms. In this blog, we'll explore why integrating threat detection and response is essential and how to effectively incorporate it into your Business Continuity Plan.

London/Dublin/Cape Town – 28th August 2024 – As part of its global expansion plan Integrity360 has acquired Grove Group, a long standing cyber security and cloud services company headquartered in Cape Town, South Africa.  

 

In response to cyber security threats, the European Union has introduced the NIS2 Directive, a comprehensive update to the original Network and Information Systems (NIS) Directive. The new regulations are set to take effect by October 17th, 2024. 

Cloud security myths persist, casting unnecessary doubts on the technology's robustness. It’s time to set the record straight and bust some of the most prevalent myths surrounding cloud security.