Insights

The Internet of Things (IoT) has transformed the way we connect and interact with technology, enabling devices from smart thermostats to industrial machinery to communicate seamlessly over the internet. However, with this connectivity comes a unique set of challenges in securing these devices and ensuring they aren't a gateway for cyberattacks. This is where IoT penetration testing comes in. 

In today’s fast-paced and technology-driven world, having a robust Business Continuity Plan is crucial. However, a Business Continuity Plan is not complete without a strong focus on integrating threat detection and response mechanisms. In this blog, we'll explore why integrating threat detection and response is essential and how to effectively incorporate it into your Business Continuity Plan.

In response to cyber security threats, the European Union has introduced the NIS2 Directive, a comprehensive update to the original Network and Information Systems (NIS) Directive. The new regulations are set to take effect by October 17th, 2024. 

Testing methodologies play a pivotal role in identifying vulnerabilities and fortifying systems against potential attacks. Among these methodologies, the concepts of Black Box, Grey Box, and White Box testing are fundamental. Understanding these approaches and their applications can significantly enhance the effectiveness of a security strategy.

With new data showing that the the number of cyber attacks on UK utility companies increased to 48 in 2023, representing a 586% rise compared to 2022 and Data breaches impacting 140,000 individuals, a substantial increase from 17,000 the previous year cyber security in the sector has never been so important. 

In a recent incident, a prominent cyber security company discovered they had inadvertently hired a North Korean operative posing as an IT professional. This individual, using various AI tools, managed to infiltrate the company by joining as an employee, accessed its systems and attempted to plant malware. The incident has brought to light the increasing sophistication of cyber threats during the recruitment process. If a major cyber security firm can fall victim, other less security-savvy organisations face even greater risks and underscores the necessity for robust verification processes and heightened vigilance in recruitment.

Crowdstrike have now published their preliminary post incident report (PIR) into the issue that impacted 8.5m Windows hosts. Their preliminary report is available in full on the CrowdStrike website:https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/)

Neil Gibb walks us through a typical day undercover as a physical cyber security specialist and shares Valuable advice for defending against physical threat actors.

One of the most potent lines of defence when it comes to cyber security is often overlooked: the users themselves. This blog explores some strategies to ensure users are an integral part of your cyber security solution, highlighting how Integrity360 can support each step.

Protecting organisational and personal data is crucial to protecting your organisation. To that end Identity security forms the cornerstone of a robust security foundation, addressing the complexities of modern multi-cloud environments and the expanding attack surfaces brought about by remote work and digital transformation. In this blog we look at how to build a solid security foundation through identity security, and how Integrity360’s managed cyber services can help.

It is essential to protect critical infrastructure systems from potential disruptions that can have wide-reaching consequences. Here’s why investing in robust cyber security measures is crucial for energy and utilities.

Proactive measures are crucial to safeguard sensitive data and maintain business continuity. This blog will explore the fundamental aspects of cyber security hygiene and provide actionable tips to help prevent threats before they materialise.