Security is such a vast topic and there is always a new attack on the horizon. I am interested to hear what other security experts read on a regular basis. In this blog I have put together which newsletters I try (:-)) to read on a daily basis. https://www.ieee.org/membership-catalog/productdetail/showProductDetailPage.html?product=PER338-EDC&searchResults=Y (the IEEE flagship magazine on privacy … More How do you stay up to snuff on security?
Recently I met former co-students at a reunion, and told them that my area of expertise is security. Everybody agreed that I must work in a hot area and be in for a great career. Well, really? Latest polls indicate that (cyber) security is the top most concern to upper management especially when moving technology … More Security is important – or why every CSO wants to bang their head against a wall
Advanced persistent threats (APTs) are the stealth undercurrent of the daily news on security attacks. IT breaches where data get stolen are so prominent that APTs are getting mentioned but overlooked. APTs are developed and initiated by organizations with an almost unlimited amount of resources. They have highly skilled and incredibly smart people. They have … More Advanced persistent threats – or the new cyberwarfare
Suppose someone tells you that there is a brand new way of secure paying via the internet. The new technology is hyped and after slow adoption has now seen quite a media buzz and is being used by a growing number of companies and private people. Suppose that your conversational partner further tells you that … More The crypto currency Bitcoin – or trust as the key concept of IT security
I have long been nagged by colleagues to start a Security Anonymous group. So here is an introduction including twelve step program: Need help with a security problem? If you are concerned with a security problem and wish to learn more about Security Anonymous, read on further. Security Anonymous is a self-help group for people … More Security Anonymous – the twelve step program 🙂
We seem to hear about a major data breach at a company on a daily basis. Either the media is reporting more or the number of publicly known attacks rises or both. What can we learn from these reports? It is always data and application that adversaries are after. Although this is a no-brainer, we … More Internet pillory – what we need to learn from the Ashley Madison hack
Digital Business Transformation is “the” economic change process that every company is experiencing at the moment. It is constituted by 5 major technology trends: Internet of Things, aka 4thindustrial revolution Multi-connectivity Big Data Cybersecurity Cloud Computing The 4th industrial revolution describes the technology trend to connect sensors from industrial processes with regular IT, which goes together … More Secure Digital Business Transformation – What every Chief Security Officer (CSO) needs to know
The fourth revolution aka Internet 4.0 will drive what was a big “no-no” up until now. Operational and infrastructure processes will be connected with regular IT. This brings a whole new challenge of up until now unresolved security problems. One of the ideas currently debated is to mandate unique IDs for sensors. Here is my take … More Every sensor its unique ID! – Really?
You all heard that passwords are the weakest link to attack. For end-users passwords are a nuisance to remember especially when password rules require a certain combination of letters, numbers and special signs to be used and password changes are mandated on a regular basis. You can get the “No longer fall on your end-uses … More What’s wrong with this security requirement? – Or passwords are the weakest link for attacks
I believe that every customer has the possibility to configure their entire landscape securely with the best available technology. It disturbs me when customers tell me that they did not know about specific security products or features. I have received this feedback a lot lately. I want to change this and I will use the … More IT Security 101 – or how can you secure your IT landscapes?