Insights

In response to cyber security threats, the European Union has introduced the NIS2 Directive, a comprehensive update to the original Network and Information Systems (NIS) Directive. The new regulations are set to take effect by October 17th, 2024. 

Testing methodologies play a pivotal role in identifying vulnerabilities and fortifying systems against potential attacks. Among these methodologies, the concepts of Black Box, Grey Box, and White Box testing are fundamental. Understanding these approaches and their applications can significantly enhance the effectiveness of a security strategy.

With new data showing that the the number of cyber attacks on UK utility companies increased to 48 in 2023, representing a 586% rise compared to 2022 and Data breaches impacting 140,000 individuals, a substantial increase from 17,000 the previous year cyber security in the sector has never been so important. 

In a recent incident, a prominent cyber security company discovered they had inadvertently hired a North Korean operative posing as an IT professional. This individual, using various AI tools, managed to infiltrate the company by joining as an employee, accessed its systems and attempted to plant malware. The incident has brought to light the increasing sophistication of cyber threats during the recruitment process. If a major cyber security firm can fall victim, other less security-savvy organisations face even greater risks and underscores the necessity for robust verification processes and heightened vigilance in recruitment.

Crowdstrike have now published their preliminary post incident report (PIR) into the issue that impacted 8.5m Windows hosts. Their preliminary report is available in full on the CrowdStrike website:https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/)

Neil Gibb walks us through a typical day undercover as a physical cyber security specialist and shares Valuable advice for defending against physical threat actors.

One of the most potent lines of defence when it comes to cyber security is often overlooked: the users themselves. This blog explores some strategies to ensure users are an integral part of your cyber security solution, highlighting how Integrity360 can support each step.

Protecting organisational and personal data is crucial to protecting your organisation. To that end Identity security forms the cornerstone of a robust security foundation, addressing the complexities of modern multi-cloud environments and the expanding attack surfaces brought about by remote work and digital transformation. In this blog we look at how to build a solid security foundation through identity security, and how Integrity360’s managed cyber services can help.

It is essential to protect critical infrastructure systems from potential disruptions that can have wide-reaching consequences. Here’s why investing in robust cyber security measures is crucial for energy and utilities.

Proactive measures are crucial to safeguard sensitive data and maintain business continuity. This blog will explore the fundamental aspects of cyber security hygiene and provide actionable tips to help prevent threats before they materialise.

As cyber security threats continue to evolve, CISOs and IT professionals must stay ahead of increasingly sophisticated social engineering tactics. In this blog we take a look at some of the top social engineering threats to watch out for in 2024, with a focus on advanced AI-driven methods and traditional approaches that exploit human vulnerabilities.

One of the toughest (if not the biggest) challenges faced by the Chief Information Security Officer (CISO) is convincing the Board to invest in continuous cyber security measures. This ongoing battle is crucial for maintaining the security and integrity of the organisation, yet it often faces significant obstacles, primarily due to budget constraints and a lack of understanding at the executive level.