Who is responsible for keeping my data secure?
As part of our recent Generation Cyber campaign, 43% of respondents told us that they felt that ‘owners of websites or apps’ were responsible for keeping their data secure. But who really is responsible for data security? We asked our head of public affairs, Kat Sommer.
Schrems II judgement – what does it mean for privacy and personal data in the UK and US?
In the latest news concerning how the personal data of people in the EU is transferred to the United States, the European Court of Justice has ruled that the protections afforded by the EU-US Privacy Shield are not adequate. In this article, we have simplified the case and decision to help you to understand the changes.
The link between patient safety and cyber security
Although the link between cyber security and patient safety could be considered obvious to some, there are still, perhaps, several key stakeholders that may not have these two views aligned closely enough. Stuart Kurutac, security consultant at NCC Group, explores how we can improve the awareness of the effect that cyber security issues pose to patient safety.
A question of trust: how can organisations build strong relationships within supply chain?
Over the past few months, trust has become an even more crucial element of the supply chain. So how can organisations strengthen it? We've explored this with the help of some of our contacts at Burness Paull LLP, the Scottish Business Resilience Centre and the Scottish Government.
5 cybersecurity tips for your lockdown exit strategy
NCC Group Technical Director, Lawrence Munro, explains how businesses can strengthen their cyber resilience by applying learnings from lockdown.
Securing the next frontier in space technology in collaboration with the University of Surrey
In a review of over 70 past satellite security incidents, experts at the University of Surrey and NCC Group have revealed significant cyber security risks to future satellite control and communication systems.
30 Minutes webinar series: 2030: What does the future hold for cyber security?
Following last week’s webinar, ‘The year is 2030: what has changed in cyber?’, our global CTO, Ollie Whitehouse, offers some insights into what cyber resilience could look like in 10 years’ time.
Disperse the fear, uncertainty and doubt and take charge of your cyber risk
Is the cyber security threat landscape based on fact or fiction? It’s just one question we posed to our own security experts Tim Anderson and Graham McElroy as we chatted to them to find out more about their thoughts on how organisations can reduce their cyber risk.
Black Team War Stories Part 4 (final): Textbook
In the final part of this Black Team war stories series Mark F explains how we were approached by a multinational R&D company, which returns a profit of billions per year. Their primary concern was unauthorised access to their laboratories and the reputational damage that could potentially be caused if members of the public broke in.
Black Team War Stories Part 3 - Turning a bust around
Not every engagement is plain sailing. Black and Red Teaming come with the ever present dread of getting caught on day one and “failing/ruining” the engagement. An experienced team needs to appreciate the impact of getting caught but also how to salvage a job if and when it happens. This ensures the client still fully benefits from the assessment. This is the difference between the A team
Black Team War Stories Part 2: Twelve in one
In part two of our Black Team War story, the target was a multinational firm turning over billions of profit each year in the UK alone. They are responsible for collecting and storing substantial amounts of private data which would have been as damaging as it was valuable, should an attacker gain access to it.
Black Team War Stories Part 1 - Which company are you a contractor with?
In this first of our four-part Black Team War Stories series the targets were three industrial sites spread over the UK each handling rare and controlled substances. The client’s primary physical security concern was whether any of these materials could be taken off site during their production life cycle from an insider threat.