Information Security Asia - Informationsecurityasia.com

Understanding Microsoft 365 Threat Intelligence and Using It Productively

With Microsoft 365 Defender and Threat Intelligence, admins of the Microsoft cloud solution can stay on top of the security of users and contained resources and successfully detect, prevent and defend against threats. The article shows the capabilities and features of the security solution. Microsoft 365 Defender is the central entry point when it comes …

Understanding Microsoft 365 Threat Intelligence and Using It Productively Read More »

What is SECAM (Security Assurance Methodology)?

Security, Business, Encryption

Security Assurance Methodology is a framework developed by the 3rd Generation Partnership Project (3GPP) to assure and evaluate the security of network products used in the mobile communications sector. An important partner in the development and implementation of the framework is the GSM Association (GSMA). SECAM provides general, testable security requirements and security properties for …

What is SECAM (Security Assurance Methodology)? Read More »

Analytics Make Supply Chain Security More Robust

Business, Data

Security analytics technology is becoming increasingly important to supply chain management. Analytics technology has become essential to many aspects of enterprise management. Some of the benefits of analytics even overlap with others. More companies than ever are using analytics to improve their security. They are also using data analytics tools to streamline many logistical processes …

Analytics Make Supply Chain Security More Robust Read More »

How to Defend Against Cybercrime Groups with Million-Dollar Budgets?

Security, Business, Computer, Data

The question from the headline is probably asked by every IT today. There are simple answers: “not at all”, “de-network / reduce dependency on IT” and “buy new tools”. Unfortunately, the same is true here as with many other complex issues: There is no quick easy solution (“silver bullet”). But there is a proven, three-step …

How to Defend Against Cybercrime Groups with Million-Dollar Budgets? Read More »

Implement Zero-Trust and Zero-Knowledge Security

Network, Business, Security

Distributed work requires remote monitoring and management of IT infrastructure. So you can protect every user on every device across the enterprise with modern privileged access management. The massive shift to distributed working creates new challenges for IT and DevOps teams, forcing them to monitor and manage infrastructure remotely. IT and DevOps workers need a …

Implement Zero-Trust and Zero-Knowledge Security Read More »

AIOps and Machine Learning: The Secret Recipe for Observability

Business, Data, Network

Traditional monitoring aggregates and displays data. When problems occur, traditional monitoring generates alerts. And there can be a lot of them. Some alerts are essential, but others just distract from important information. Filtering out these unimportant alerts is therefore essential. Time for Observability! Complex IT infrastructures leverage microservice architectures, and it’s critical that tech professionals …

AIOps and Machine Learning: The Secret Recipe for Observability Read More »

What Does Network Security Mean?

Network, Security

Network security not only ensures secure networking within companies but also plays a central role in connecting mobile users, for the Internet of Things (IoT), and for cloud computing. What does network security mean? Network security refers to all technical and organizational measures designed to ensure the confidentiality, integrity, and availability of data and systems …

What Does Network Security Mean? Read More »

Further Development of BSI Standard 200-4

Security, Business

Emergency management and regular drills are not yet standard everywhere, according to a result of the BSI (German Federal Office for Information Security) cyber security survey. This is to be changed by the planned BSI standard 200-4. The step-by-step model for getting started with BCM (business continuity management) plays an important role here. Further development …

Further Development of BSI Standard 200-4 Read More »

Foreign State Power in Domestic Cyberspace

Security, Data

A series of cyberattacks from the onset of the pandemic is dragging on like chewing gum. The attacks just won’t stop. Foreign state power in domestic cyberspace is a threat of a special kind. Foreign state power in domestic cyberspace Rarely has a major outcry been as deeply justified as that surrounding the attacks against …

Foreign State Power in Domestic Cyberspace Read More »

What Are Virus Scanners?

Malware, Security

An antivirus program protects computers from malicious software. This can be, for example, Trojans, worms or spyware, and other malware. Antivirus software is able to detect, block and remove malicious software. What are virus scanners? Basically, virus scanners, often called malware scanners, can be divided into different types depending on their function. Commonly used is …

What Are Virus Scanners? Read More »

OPNsense As a Professional Open Source Firewall

Network, Security

IT projects based on open source have been gaining popularity for several years now, including OPNsense as a central firewall solution for companies. The growing community and the independent adaptability make OPNsense a future-proof alternative to commercial solutions. Thanks to many plugins, OPNsense is worth a closer look, especially for SMEs. OPNsense As a Professional …

OPNsense As a Professional Open Source Firewall Read More »

What Is a Data Protection Impact Assessment?

Data, Security

What Is DSIA Data Protection Impact Assessment

The data protection impact assessment, or DSIA for short, is an important installation of the General Data Protection Regulation (GDPR). It is intended to ensure the protection of personal data in data-processing bodies through a risk analysis to be carried out in advance. The consequences of processing operations are to be examined and evaluated in …

What Is a Data Protection Impact Assessment? Read More »

10 Steps to Protect Against Hacker Attacks

Data, Malware, Security

Headlines about devastating cyberattacks have not been uncommon lately – and they seem to be becoming more frequent: Both the number of security breaches and their severity continue to increase. Yet it turns out that many of the attacks could be avoided. This makes security breaches a particularly bitter pill for those organizations that fall …

10 Steps to Protect Against Hacker Attacks Read More »

What is KMIP (Key Management Interoperability Protocol)?

Data, Business, Security

The Key Management Interoperability Protocol is a protocol standardized by OASIS (Organization for the Advancement of Structured Information Standards). KMIP enables the communication of applications and systems for the storage and management of keys, certificates, or other secret objects. What is KMIP (Key Management Interoperability Protocol)? The abbreviation KMIP stands for Key Management Interoperability Protocol …

What is KMIP (Key Management Interoperability Protocol)? Read More »

What Is Home Office?

Business, Computer, Mobile

Homeoffice is a form of telework that can be performed as telecommuting or alternating telecommuting. The work is performed completely or partially from private premises. Contact with the company, colleagues, or customers takes place via telephone, e-mail, and other Internet services. The IT and communications equipment required is a telephone, PC or laptop, and an …

What Is Home Office? Read More »

What is Metasploit?

Network, Business, Security

Metasploit is an open-source project that provides, among other things, the Metasploit framework. It contains a collection of exploits that can be used to test the security of computer systems. Metasploit can also be misused as a tool for hackers. What is Metasploit? The framework provided by the Metasploit open-source project can be used to …

What is Metasploit? Read More »

Users without Admin Rights

Business, Network, Security

Often, users are given admin rights on a computer because individual programs won’t work otherwise. This has been common practice for years, but it brings with it many problems, such as an increased risk of malware. In most cases, extended rights are not even necessary. Windows offers enough possibilities for users to work with the …

Users without Admin Rights Read More »

What Is Network Encryption?

Encryption, Data, Network

Network encryption operates on layer 2 or 3 of the OSI layer model. It ensures the confidentiality and integrity of transmitted data as well as the authenticity of communication partners and is transparent to higher-layer protocols or applications. What is network encryption? Network encryption encrypts data directly at the network layer. In the OSI layer …

What Is Network Encryption? Read More »

Tools for Data Protection Impact Assessment According to DSGVO

Data, Security

The number of construction sites in data protection is not decreasing, it seems. The data protection consequences of a hard Brexit are just one example. This makes it all the more important to set the right priorities in data protection. The best tool for this is the data protection impact assessment, for which there is …

Tools for Data Protection Impact Assessment According to DSGVO Read More »

Best Practices for Micro Segmentation

Business, Security

Cloud environments, IT virtualization, and software-defined infrastructure (SDI) are expected to realize key business objectives on the enterprise side, such as scalability, flexible service delivery, and cost-efficiency. Agile IT infrastructures as the foundation for digital transformation inevitably require CIOs and IT leaders to rethink their security strategy. That’s why micro-segmentation is a high priority. Best …

Best Practices for Micro Segmentation Read More »