Spotlight on the UK’s new operational resilience regulation
After years of consultation, the UK’s Prudential Regulation Authority (PRA) is set to publish new rules on outsourcing and third-party risk management this month. In our ‘Spotlight on’ series, Simon Fieldhouse explores what this means for the sector, its resilience, and the pace of digital transformation.
Research spotlight: Hardware and embedded systems
We recently published our annual research report – a look back at our work over the last year. In our follow up research spotlight series, we’re looking into some of the key areas in a little more detail – and in this instalment, we hear from Rob Wood, technical vice president at NCC Group, for more on our research into hardware and embedded systems.
Inge Bryan: Strong encryption indispensable for our security
A broad coalition of technology companies, civil society organizations and privacy advocates in The Netherlands is deeply concerned about plans by the Minister of Justice to weaken encryption. These parties, including Fox-IT, have joined forces calling on the next cabinet to continue to encourage the development, availability and application of all forms of encryption.Inge Bryan, Managing Director
Spotlight on cyber security as a science
Evidence-based cyber resilience decisions can make a quantifiable difference when it comes to material improvements for the global business community, and for society as a whole. While we are still in the foothills of this becoming common practice, our global CTO, Ollie Whitehouse, explores the way that our approach to security is changing.
Ransoms and beyond
As attackers take advantage of the recent rapid digital transformation and move to remote working, Managing Security Consultant, Kenneth Yu, takes a look at some of the most commonly exploited services for ransomware attacks.
The cyber landscape in 2021 and beyond: an opportunity to learn from the present
Our global CTO, Ollie Whitehouse, shares his thoughts on the future of the cyber landscape, including how we can strengthen society’s resilience against threats and create regulatory and legislative regimes fit for the digital age across the globe.
Helping SMEs to zero in on the risks
We take a look at what SMEs should be thinking about as they revisit and re-evaluate the decisions that were made if they were forced to accelerate their digital transformation last year.
Why ATM security has never gone out of style
Despite a rise in internet-based and cashless banking, ATM security remains as important as ever. Here, Daniel Calvo, Senior Security Consultant, explores the evolution of ATM security and how we can keep these machines secure in the years to come.
How can I materially improve my organisation’s security posture?
In this article from the latest issue of our Insight Space series, Technical Associate Director Lloyd Brough explains how security teams can rapidly reduce their cyber risk by prioritising and fixing security weaknesses and make high-quality security improvements.
NCC Conversations: LGBTQIA+ definitions around the world
As part of our NCC Conversations focus on LGBTQIA+ and inclusion, we’re exploring and challenging the common “too many letters” narrative by discussing the rationale behind some common and not so common acronyms and labels.
NCC Conversations: Transgender Day of Remembrance
Transgender Day of Remembrance is an annual observance that honours the memory of the transgender people whose lives were lost in acts of anti-transgender violence. Here, Liz James, Chair of our LGBTQIA+ steering committee pays respects to trans people around the world who are no longer with us.
Insider Threat: An Enemy in the Ranks
Written by Sourya Biswas, Principal Security Consultant and Jared Snyder, Security Consultant, NCC GroupRecently, an attempt by a Russian crime syndicate to subvert a Tesla employee to plant ransomware in the company’s systems made the news. Thankfully, the employee was not tempted by the half a million dollars offered and instead reported the approach to the authorities. However, companies cannot