Project: Advanced Cybersecurity Risk Assessment Checklist

February 6, 2019February 6, 2019 ~ larshilse ~ Leave a comment

What is the "Advanced Cybersecurity Risk Assessment Checklist" (ACRAC)?ACRAC allows any organisation to assess a status quo of their cybersecurity. It's a thorough, and constantly updated checklist to reduce common cyber threats organisations are confronted with. Its goal is to raise awareness for vulnerabilities, thereby neutralising a majority of threat vectors an organisation sees itself … Continue reading Project: Advanced Cybersecurity Risk Assessment Checklist

What is the best password strategy to pursue?

November 11, 2018 ~ larshilse ~ Leave a comment

When it comes to passwords, there are many opinions. However, a save passwords strategy doesn’t have to be so complex that you cannot remember the password you entered. Instead it is about choosing passphrases which are easy to remember for the human mind.

What’s the difference between risk, vulnerability, and threat in cyber security?

November 9, 2018November 7, 2018 ~ larshilse ~ Leave a comment

Differentiating the terms risk, vulnerability, and threat is quite difficult in a cyber security setting. This post intends to give a clear outline.

Removable media control, Endpoint security and The Problem of transportability of data

November 8, 2018November 7, 2018 ~ larshilse ~ Leave a comment

Removable media still presents one of the greatest threats; this post outlines one solution of how to deal with it properly.

Cyber insurance versus insurance companies

November 8, 2018 ~ larshilse ~ Leave a comment

Cyber insurance is becoming every increasingly important product for most organizations. Finding an insurance policy, and an underwriter to understand the risk is very difficult.

Cyber Insurance: What is a DDoS attack and how to mitigate it?

November 7, 2018November 7, 2018 ~ larshilse ~ Leave a comment

DDoS attacks are still a thing. But they are also easy to mitigate. Here is how, and an interesting discussion about the topic.

Why is it important to have a BOYD policy

October 31, 2018October 30, 2018 ~ larshilse ~ Leave a comment

Bring your own device or BOYD has become a trend in organizations and bring as many benefits. However, certain risks along, too!

Why it’s a good idea to isolate EOL applications/software with insufficient patches, and how to do it

October 30, 2018October 30, 2018 ~ larshilse ~ Leave a comment

Software that it’s not regularly updated presents at risk. However, sometimes it is out of our influence whether or not a software remains up to date. If the software vendor does not provide updates and patches in time, and option to deal with such situations is to isolate software in virtual machines etc.

Why you don’t want your RJ 45 sockets available in the wild

October 30, 2018October 30, 2018 ~ larshilse ~ Leave a comment

This post is about the security risks of having exposed RJ 45 sockets and your organization.