Spotlight on APRA’s Operational Risk Management Standard
The financial sector is evolving at pace as organisations onboard new tech, and while exciting, these changes come with an increased risk of supplier failure, service deterioration and concentration risk. The latest in a series of new regulations is the Australian Prudential Regulation Authority’s (APRA) standard, released in October 2022.
NCC Group welcomes UK NCSC’s Annual Review 2022
The UK’s National Cyber Security Centre (NCSC) has released its annual review for 2022 – identifying the five key cybersecurity threats, risks and vulnerabilities currently facing the UK.
NCC Group Monthly Threat Pulse – September 2022
September’s analysis from NCC Group’s Global Threat Intelligence team shows an increase in ransomware attacks after a rather turbulent summer period in the threat group scene, with Conti disbanding, Lockbit rebranding, and new actors emerging.
Connected tech: smart or sinister? UK Parliament Committee invites NCC Group’s Matt Lewis as expert witness
On 11 October, NCC Group Commercial Research Director Matt Lewis gave evidence to the UK Parliament’s Digital, Culture, Media and Sport Select Committee about the cyber security risks of connected technologies and what can be done to mitigate them.
Fake antivirus, Sharkbot circles back onto Google Play store
Back in February 2022, our Fox-IT threat intelligence team discovered a new generation banking Trojan, posing as a fake Android antivirus cleaner, known as SharkBotDropper, in the Google Play store. Last month, the team detected a new version of this malware dropper active in two apps on the Google Play store, with over 60,000 installations between them.
Future of transport mobility - keeping the sector safe and secure
After being appointed vice chair of the techUK Intelligent Mobility and Transport Steering Board , Dr Liz James, senior security consultant at NCC Group, discusses her new role and its impact on the cyber security community.
NCC Group Monthly Threat Pulse – August 2022
Analysis from NCC Group’s Global Threat Intelligence team suggests a proliferation of new and evolving threat actors in August with the emergence of new threat actor, IceFire and a surge in activity for most active attacker Lockbit 3.0.
NCC Group Monthly Threat Pulse - July 2022
The ransomware threat scene continues to evolve following the disbanding of Conti, as ransomware attacks rose from 135 in June to 198 in July, representing a 47% increase, as reported by NCC Group’s Global Threat Intelligence team.
NCC Group appointed as global auditor for GSMA Network Equipment Security Assurance Scheme (NESAS)
We are delighted to announce our recent appointment as one of only two global auditors for the GSMA Network Equipment Security Assurance Scheme (NESAS)
Reserve Bank of India issues direction on outsourcing of IT services
We share our thoughts on the Reserve Bank of India’s (RBI) Master Direction to set out a risk management framework for the outsourcing of IT services.
NCC Group welcomes expansion of Australia’s Cyber Operational Resilience Intelligence-led Exercises (CORIE) framework
Having supported with the creation of the original CORIE framework and pilot launch in 2021, Tim Dillon, our Director of Professional Services in the Asia Pacific region, has been acknowledged for his contribution and shares his reaction to the updated framework.
Protecting our data: UK Government publishes Data Protection and Digital Information Bill
In July this year, the UK Government published its newly reformed data protection bill, the Data Protection and Digital Information Bill, aiming to improve upon previous regulations and simplify the UK’s data protection landscape. Stephen Bailey, Global Privacy Services practice lead at NCC Group, provides his thoughts on the Bill