What is Bring Your Own Identity? Bring Your Own Identity is the name for a concept in which the digital identity for the use of service is provided and managed by a separate instance. The user can log in to many different services using a single identity. Many social network operators offer their users the … Read more
What is IT Forensics? IT forensics is a subfield of forensics and deals with the methodical analysis of incidents on IT systems and the securing of evidence that can be used in court. The goal is to determine exactly what actions have taken place on an IT system and who caused or is responsible for … Read more
Emergency management is designed to ensure the continuity of business operations during emergencies. It enables organizations to respond appropriately in the event of disruptions to critical business processes. Components of emergency management are emergency preparedness and emergency response. In times of uncertainty and unpredictability, it’s crucial to explore the importance of preparedness, response, and recovery. … Read more
With the further development of the BSI 200 standards as part of the basic IT protection, the German Federal Office for Information Security (BSI) wants to help companies follow uniform specifications in IT security. Companies that want to sustainably improve their IT security should promptly address the requirements of the updated BSI standards. What the … Read more
Self-Sovereign Identity (SSI) ensures secure and trustworthy digitization. Users can self-sovereign their digital identity and credentials such as ID cards or certificates to applications. The European SSI ecosystem breaks dependencies on monopolists and gives us the freedom to shape the digital future with confidence and speed. What Is Self-Sovereign Identity? Self-Sovereign Identity (SSI) is a … Read more
The Key Management Interoperability Protocol is a protocol standardized by OASIS (Organization for the Advancement of Structured Information Standards). KMIP enables the communication of applications and systems for the storage and management of keys, certificates, or other secret objects. Managing encryption keys efficiently and securely has become a critical challenge for organizations. Enter Key Management … Read more
Home office is a form of telework that can be performed as telecommuting or alternating telecommuting. The work is performed completely or partially from private premises. Contact with the company, colleagues, or customers takes place via telephone, e-mail, and other Internet services. The IT and communications equipment required is a telephone, PC or laptop, and … Read more
In today’s rapidly evolving digital landscape, software vulnerabilities and bugs are commonplace. Cybersecurity threats are continually advancing, and attackers are relentless in their efforts to exploit any weakness in software systems. Patch management plays a crucial role in mitigating these risks and keeping computer systems, applications, and networks secure. However, what is patch management exactly? … Read more
CISO vs CSO? They sound very similar, and yet they are different: the Information (Chief) Security Officer (CSO) and the (Chief) Information Security Officer (CISO). While the Information Security Officer is concerned with the security of data and information, the Security Officer is responsible for the overall security of the organization. Both the Information Security … Read more
Common Criteria Recognition Arrangement is an international agreement for mutual recognition of IT security certificates issued on the basis of the Common Criteria (CC). Signatory states recognize certificates of products and Protection Profiles issued by different national certification bodies. A distinction is made between Certificate Producer and Certificate Consumer among the participating states of the … Read more
Security Assurance Methodology is a framework developed by the 3rd Generation Partnership Project (3GPP) to assure and evaluate the security of network products used in the mobile communications sector. An important partner in the development and implementation of the framework is the GSM Association (GSMA). SECAM provides general, testable security requirements and security properties for … Read more
Cyberwar is a warlike confrontation between states in virtual space, which is conducted by means of information technology. The aim of cyberwar is to damage countries, institutions, or society electronically and to disrupt important infrastructures. With the increasing reliance on digital technology and the interconnectedness of the world, cyberwarfare has become a growing concern for … Read more