Articles

Buyer´s Guide: Third Party Cyber Risk Ratings Tools

Buyer’s Guide for Third Party Cyber Risk Ratings Tools

You can download the buyer’s guide at the end of this article. Supply chain risk management for large organizations or operations of critical infrastructure increasingly include cyber risk monitoring. From the suppliers’ perspective, having a shared repository that their customers can access, helps to avoid repetitively answering the same questions about their security controls and …

Buyer’s Guide for Third Party Cyber Risk Ratings Tools Read More »

Identity Threat Protection

Identity Threat Protection Solutions: Purchasing Guide

Solutions for protecting directory services and identity providers (especially Active Directory Domain Services and Azure AD/Entra) against attacks have been available for several years. These are advertised under various names, in particular Identity Protection, Identity Threat Detection and Response (ITDR) or AD Protection / AD Threat Detection. Some of the solutions are available as standalone …

Identity Threat Protection Solutions: Purchasing Guide Read More »

How ISO 27001 assessments significantly improve the level of IT security of a company

In an increasingly digital world, data breaches and cybersecurity threats have become a common problem for businesses of all sizes and industries. To mitigate these risks, organizations need to prioritize their security measures. In this article, we will explore how ISO 27001 assessments can significantly increase an organization’s security maturity level. From ISMS to norm, …

How ISO 27001 assessments significantly improve the level of IT security of a company Read More »

Importance and structure of an ISMS

An information security management system (ISMS) is a systematic approach to managing sensitive information within an organization. It is a framework that helps organizations establish, implement, maintain and continuously improve their information security processes. The main objective of an ISMS is to ensure the confidentiality, integrity and availability of information assets while effectively managing risks. …

Importance and structure of an ISMS Read More »

Password Manager? They all have massive weaknesses anyway. Can they be used in a corporate context at all? What should the CIO look out for?

First of all, we consider password managers to be an indispensable tool for companies to effectively ensure the security and management of passwords. By the way, the BSI also sees it that way and has compiled excellent information on the subject, as it often does. As a CIO, you are faced with the challenge of choosing the …

Password Manager? They all have massive weaknesses anyway. Can they be used in a corporate context at all? What should the CIO look out for? Read More »

Attack Detection System in accordance with the IT Security Act 2.0

You can download this article at the end with more informations. Several thousand operators of critical infrastructures in Germany are currently in the process of planning, implementing and testing systems for attack detection in accordance with § 8 a BSIG, based on the relevant guidance and other BSI guidelines. We are happy to help you …

Attack Detection System in accordance with the IT Security Act 2.0 Read More »

Web Application Firewalls, DDoS and Botnet Protection: Lessons Learned from Procurement Projects

Web application firewalls (WAFs), also called web application gateways or application/API protection products (WAAPs), are ideal for protecting your own offerings that are accessible from the Internet (such as self-hosted web servers or e-commerce offerings). They are designed to protect against common attack paths such as code injection, cross site scripting, other OWASP security risks …

Web Application Firewalls, DDoS and Botnet Protection: Lessons Learned from Procurement Projects Read More »

Practical guide to a secure Mergers and Acquisitions

Why cyber security is important during Mergers and Acquisitions (M&A)? “Cybersecurity should be a key consideration in any M&A deal. Ignoring the potential risks could result in serious financial and reputational damage to the combined organization.” – Howard Schmidt, American computer security expert and former White House cybersecurity coordinator. What would the impact be on …

Practical guide to a secure Mergers and Acquisitions Read More »

Benefits of a comprehensive cybersecurity procurement process

Cybersecurity is a critical concern for organizations, independent of their sizes, operating industries or ecosystems. As potential threats are growing globally, so too does the cybersecurity market. A challenge that purchasers of cybersecurity products face is a need for more transparency. The cybersecurity market currently has around 7000 vendors; the global cybersecurity market is expected …

Benefits of a comprehensive cybersecurity procurement process Read More »