Following last week’s webinar, ‘The year is 2030: what has changed in cyber?’, our global CTO, Ollie Whitehouse, offers some insights into what cyber resilience could look like in 10 years’ time.
Is the cyber security threat landscape based on fact or fiction? It’s just one question we posed to our own security experts Tim Anderson and Graham McElroy as we chatted to them to find out more about their thoughts on how organisations can reduce their cyber risk.
In the final part of this Black Team war stories series Mark F explains how we were approached by a multinational R&D company, which returns a profit of billions per year. Their primary concern was unauthorised access to their laboratories and the reputational damage that could potentially be caused if members of the public broke in.
Not every engagement is plain sailing. Black and Red Teaming come with the ever present dread of getting caught on day one and “failing/ruining” the engagement. An experienced team needs to appreciate the impact of getting caught but also how to salvage a job if and when it happens. This ensures the client still fully benefits from the assessment. This is the difference between the A team
In part two of our Black Team War story, the target was a multinational firm turning over billions of profit each year in the UK alone. They are responsible for collecting and storing substantial amounts of private data which would have been as damaging as it was valuable, should an attacker gain access to it.
In this first of our four-part Black Team War Stories series the targets were three industrial sites spread over the UK each handling rare and controlled substances. The client’s primary physical security concern was whether any of these materials could be taken off site during their production life cycle from an insider threat.
The objectives may vary, but a Black Team challenges an organisation’s susceptibility to physical-based attacks, whether that be through social engineering, media drops, bypassing of barriers, attacking door controls and so on. The assessment itself may also be complemented by tactics such as surveillance, open source intelligence gathering, and the deployment of bugging devices.
NCC Group is a named Trusted Partner to Police Scotland for delivery of Cyber Essentials certification, and is delighted to promote a new Cyber Essentials voucher scheme offered by the Scottish government, which will help to bolster the security of organisations across the country.
