Articles

In an increasingly digital world, data breaches and cybersecurity threats have become a common problem for businesses of all sizes and industries. To mitigate these risks, organizations need to prioritize their security measures. In this article, we will explore how ISO 27001 assessments can significantly increase an organization’s security maturity level. From ISMS to norm, …

How ISO 27001 assessments significantly improve the level of IT security of a company Read More »

An information security management system (ISMS) is a systematic approach to managing sensitive information within an organization. It is a framework that helps organizations establish, implement, maintain and continuously improve their information security processes. The main objective of an ISMS is to ensure the confidentiality, integrity and availability of information assets while effectively managing risks. …

Importance and structure of an ISMS Read More »

First of all, we consider password managers to be an indispensable tool for companies to effectively ensure the security and management of passwords. By the way, the BSI also sees it that way and has compiled excellent information on the subject, as it often does. As a CIO, you are faced with the challenge of choosing the …

Password Manager? They all have massive weaknesses anyway. Can they be used in a corporate context at all? What should the CIO look out for? Read More »

Web application firewalls (WAFs), also called web application gateways or application/API protection products (WAAPs), are ideal for protecting your own offerings that are accessible from the Internet (such as self-hosted web servers or e-commerce offerings). They are designed to protect against common attack paths such as code injection, cross site scripting, other OWASP security risks …

Web Application Firewalls, DDoS and Botnet Protection: Lessons Learned from Procurement Projects Read More »

Why cyber security is important during Mergers and Acquisitions (M&A)? “Cybersecurity should be a key consideration in any M&A deal. Ignoring the potential risks could result in serious financial and reputational damage to the combined organization.” – Howard Schmidt, American computer security expert and former White House cybersecurity coordinator. What would the impact be on …

Practical guide to a secure Mergers and Acquisitions Read More »

Cybersecurity is a critical concern for organizations, independent of their sizes, operating industries or ecosystems. As potential threats are growing globally, so too does the cybersecurity market. A challenge that purchasers of cybersecurity products face is a need for more transparency. The cybersecurity market currently has around 7000 vendors; the global cybersecurity market is expected …

Benefits of a comprehensive cybersecurity procurement process Read More »

Identity and access management (IAM) systems in typical enterprise IT environments rely on a chain of trust that is rooted in human identities: For example, a personal ID, our social security number, and other official documents that are based on our birth certificate registered and stamped by a public authority. PKI systems are a way …

Public Key Infrastructure (PKI) for IoT and IIoT device manufacturers Read More »

As the world becomes increasingly connected and reliant on technology, cybersecurity has become a critical concern for organizations of all sizes. Cyber threats come in many forms, from phishing scams and malware to ransomware attacks and data breaches, and they can have serious consequences for businesses, including financial losses, damaged reputations, and legal liabilities. According …

Essential organizational measures and the role of an ISMS Read More »

Cybersecurity has been seen as an inefficient and non-transparent market: more than 7000 vendors, distributors, resellers, managed security service providers, and consultancies approach IT leaders with a similar message: “Buy my product or service (and buy it now), or you won’t be safe!”. But a key fact should be addressed: on average, between one-third and …

More security for your budget: Savings potential in IT security procurement Read More »

The category of IoT product security platforms is relatively new. The solutions are also referred to as: “firmware analysis”, “OT/IoT software supply chain security”, “automated security for embedded systems”, “networked device vulnerability assessment”, “reverse engineering/digital twin” or “automated security and compliance for digital products”. The solutions differ significantly in what they can ingest, analyze and …

Considerations for purchasing IoT vulnerability management solutions Read More »