Here is an example of why it's a pretty good idea to have an update policy in place...
Author: larshilse
Protecting your organisation from the risk of social engineering
Humans are still the weakest link in cyber security, and they lack training to become aware of the risks. This is a very good example.
Protecting your organisation from CEO fraud
One of the most costly cyber threats/risks is CEO fraud.
Project: Advanced Cybersecurity Risk Assessment Checklist
What is the "Advanced Cybersecurity Risk Assessment Checklist" (ACRAC)?ACRAC allows any organisation to assess a status quo of their cybersecurity. It's a thorough, and constantly updated checklist to reduce common cyber threats organisations are confronted with. Its goal is to raise awareness for vulnerabilities, thereby neutralising a majority of threat vectors an organisation sees itself … Continue reading Project: Advanced Cybersecurity Risk Assessment Checklist
What is the best password strategy to pursue?
When it comes to passwords, there are many opinions. However, a save passwords strategy doesn’t have to be so complex that you cannot remember the password you entered. Instead it is about choosing passphrases which are easy to remember for the human mind.
Is your organizations data valuable to outside threats?
Whether or not your organizations data as valuable to outsiders depends heavily on what business you're in. Generally said, your organizations data is valuable :period. There is an ever increasing amounts of data being taken from paper, and digitized. Therefore they are not only victim to attempts of corporate espionage, but also to data collection … Continue reading Is your organizations data valuable to outside threats?
What’s the difference between risk, vulnerability, and threat in cyber security?
Differentiating the terms risk, vulnerability, and threat is quite difficult in a cyber security setting. This post intends to give a clear outline.
How do you handle antivirus alerts
Antivirus incidents are quite common. But there are special, and effective ways to handle them.
Removable media control, Endpoint security and The Problem of transportability of data
Removable media still presents one of the greatest threats; this post outlines one solution of how to deal with it properly.
Cyber insurance versus insurance companies
Cyber insurance is becoming every increasingly important product for most organizations. Finding an insurance policy, and an underwriter to understand the risk is very difficult.
Cyber Insurance: What is a DDoS attack and how to mitigate it?
DDoS attacks are still a thing. But they are also easy to mitigate. Here is how, and an interesting discussion about the topic.
Finding your next employer on the dark web?
With a potential bandwidth of the deep web increasing, it turns more and more into a profitable marketplace. Most recently, employers have sprung up, looking for qualified personnel. Work without the pension scheme’s, 9 to 5, and other inhibiting factors.
About John Cryan and the nonsense of the cashless society
Cache currency is a blessing for law-enforcement because it allows them to trace back the origins to a crime. When criminals are forced to resort to crypto currency, the game changes.
Mitigating sophisticated phishing attacks
The next generation of phishing attacks is there. Brace yourselves, and mitigate!
@Cloudflare and @TorProject: Speeding up #Privacy
The #privacy internet is finally becoming faster; a lot!
Why is it important to have a BOYD policy
Bring your own device or BOYD has become a trend in organizations and bring as many benefits. However, certain risks along, too!
The case of the spying paper shredder
Cybercrime comes in many forms industrial espionage is one of them. Today, we are not even safe from paper shredders in the offices anymore.
The most complex case of CEO Fraud… yet; and how to mitigate it.
CEO fraud is one of the most devious forms of cybercrime, and social engineering. The most complex form was experienced, and the risk for future attacks was mitigated.
Why it’s a good idea to isolate EOL applications/software with insufficient patches, and how to do it
Software that it’s not regularly updated presents at risk. However, sometimes it is out of our influence whether or not a software remains up to date. If the software vendor does not provide updates and patches in time, and option to deal with such situations is to isolate software in virtual machines etc.
Why you don’t want your RJ 45 sockets available in the wild
This post is about the security risks of having exposed RJ 45 sockets and your organization.