Risk management

Open source library dependencies

Check dependencies on open source libraries!

With a high number of dependencies on open source libraries, unwanted problems can occur. As a recent incident shows, these do not have to be of technical origin, but can have human motives. The open-source faker.js and colors.js libraries were intentionally tampered with by Marak Squires, the developer. Developers who …

Budget in IT security!

Every company has a budget that is dedicated to IT. Consequently, some of that should go toward maintaining the company’s cybersecurity. This can take on very different dimensions. A budget for IT security! Within a company you have different budgets for certain areas. For example, every company has a budget …

Phish Scale – A new way of weighting phishing emails!

Phishing is the most common attack vector currently used by hackers. Phishing refers to the sending of e-mails that are intended to intercept sensitive information. For this purpose, these e-mails are disguised to look as if they come from a trusted person. Since phishing is a well-known problem, many companies train their employees with phishing campaigns. A US institute has now created a new form of evaluation, the so-called Phish Scale, which is intended to help better understand the results of such phishing campaigns.


Protective measures in the year of the hackers – methods for your own protection!

From the perspective of IT security, 2020 has been a very exciting year so far. Due to the Corona pandemic, many employees had to work from home, or still do. This in some cases rapid move towards the “remote office” has created many security gaps that can be exploited by attackers. We have looked at various protective measures against hackers to make your systems more secure, from the step before the attack up to the reactive measures when an attack is in full swing.


Trust Model or the Zero Trust Model – How should IT security be provided?

Due to the current effects of the COVID-19 pandemic, many people are now thinking more about control. This sense of lost control is felt not only in the health care system, but in many areas of society. This also includes IT systems, because the growing use of the home office in particular creates new dangers that attackers can shamelessly exploit. To guarantee security we need models, and here there are two main opponents: the trust model and the zero trust model!


Cyber incidents are the business risk 2020!

The biggest business risk in 2020 worldwide is cyber incidents. This refers to cybercrime and IT failures. However, data protection violations and fines also fall under the risk, which was cited as a business risk by around 40% of the 2,718 respondents. Even business interruption including supply chain interruption thus …