Cyber security is on the boardroom agenda as organisations worldwide seek to improve their resilience against a backdrop of high-profile, and increasingly sophisticated cyber attacks. The number of breaches is up an average 27.4% year on year1 and 86% of companies around the world reported experiencing at least one cyber incident in 2017.
Founded in 2003, Nettitude is an award-winning provider of cyber security, compliance, infrastructure and managed security services to organisations worldwide and employs 140 cyber security specialists globally.
The acquisition strengthens LRQA's existing broad portfolio of cyber security services spanning certification, compliance, training, auditing and security consulting to now include penetration testing, information security consulting, managed security services and incident response. Together, Nettitude and LRQA now provide a complete suite of cyber security assurance services to help clients identify, protect, detect, respond and recover from cyber threats.
The need for cyber security solutions and growth in cyber security is driven by three broad areas:
- Industry 4.0 [IR4]
- As we move towards a more automated, integrated and interdependent, data driven economy, the risk of cyber attack increases.
- Cyber attacks are non-discriminatory
- Cyber attacks are now targeting a broader spectrum of industries and companies - irrespective of their size or geographical location.
- The regulatory focus on cyber security is increasing, with wide-ranging compliance requirements against standards, schemes and local legislation.
Alastair Marsh, Chief Executive Officer, LRQA commented, “This is an important acquisition for LRQA to enhance our capability in assuring the increasingly complex supply chains in which we operate. Information and operational technology security is a key concern for our clients across all sectors, as we see increasing dependencies on technology and challenges created by Industry 4.0.”
Nettitude founder and CEO, Rowland Johnson, commented, “The combination of Nettitude’s focused cyber security capability and LRQA's ability to execute across a broad range of sectors will make a formidable partnership. As the worlds of Information Technology and Operating Technology collide, the need to build integrated cyber security solutions will become essential. LRQA's geographic reach, and vision for how technology and data will influence industry will supercharge Nettitude’s growth, and provide significant synergies to LRQA's clients and partners.”
The acquisition of Nettitude delivers a widened cyber security service portfolio including:
- ISO 27001 - security risk consulting
- GDPR - security risk consulting
- Cyber Essentials - the UK government has launched the Cyber Essentials scheme to help Small to Medium sized organisations define and measure basic levels of security hygiene.
- PCI Audit & PCI Certification - as a Qualified Security Assessor (QSA) company, Nettitude has been approved by the Security Standards Council (SSC) to measure an organisation’s compliance to the PCI DSS standard.
- CBEST - CBEST assessments reflect some of the most sophisticated types of assessments that exist within the financial services sector today.
- Penetration Testing - we are an award winning, global leader in Penetration Testing, Vulnerability Research and Red Teaming. We have spoken at some of the most prestigious conferences worldwide, and are known to push the boundaries on all of our security testing engagements.
- Vulnerability Research - we have a dedicated and focused team of vulnerability researchers that work with our partners to identify security vulnerabilities in hardware and software devices.
- Security & Risk Consulting - our services advise our clients how to address information security, risk and compliance needs to identify vulnerabilities and assess technology and business risk to meet compliance mandates such as HIPAA, PCI, GDPR, ISO 27002 and more.
These services are in addition to LRQA’s existing cyber security assurance portfolio.
1Source - Ponemon Institute’s Cost of Cyber Crime report