Security

The Color of Security: Working Safely with Last Pass

How to combine the new IT security requirements of companies with a good user experience for employees – safe and relaxed working is the goal. With cybercrime threats still growing steadily, the question of how to make enterprise collaboration not only more secure, but also more relaxed, arises more than ever. This applies to employees …

The Color of Security: Working Safely with Last Pass Read More »

How to Implement The KRITIS regulation Securely and In Compliance with The Law?

How to Implement The KRITIS regulation Securely and In Compliance with The Law

The renewed Critical Infrastructure Protection Ordinance (KritisV) has been in force since the beginning of the year. It obliges operators to secure their systems appropriately and in accordance with the state of the art. In this interview, Matthias Reidans from Rosenberger OSI answers which points have to be considered on the way to a secure …

How to Implement The KRITIS regulation Securely and In Compliance with The Law? Read More »

Convergence vs. Security in Industry 4.0

Convergence vs. Security in Industry 4.0

After digitization initially affected business operations and processes (including sales and marketing activities, higher-level planning processes and information systems for corporate management) in many companies and, as of today, is in use across all industries, the comprehensive digitization of production processes often lags behind. The concepts of Industry 4.0, which have been propagated for more …

Convergence vs. Security in Industry 4.0 Read More »

What is the Network Equipment Security Assurance Group?

What is the Network Equipment Security Assurance Group

The Network Equipment Security Assurance Group, or NESAG, of the GSM Association (GSMA) is a key partner of the 3rd Generation Partnership Project (3GPP) in the development and implementation of SECAM (Security Assurance Methodology). One of NESAG’s tasks is to define the framework for the accreditation of test laboratories and to coordinate the stakeholders involved …

What is the Network Equipment Security Assurance Group? Read More »

Recognizing the Most Common Threats – Not Guessing

Although most companies today are equipped with more than ten different security solutions, it is still becoming more difficult for them to get an accurate picture of the biggest risks. IT security budgets are steadily increasing, with security breaches – as security systems become denser – increasing significantly in frequency. As early as October 2021, …

Recognizing the Most Common Threats – Not Guessing Read More »

Criteria for Professional Crisis Management Solutions

Cyber incidents are among the greatest business risks of our time. With the Ukraine war, this danger has grown once again. Digital crisis management systems cannot prevent such attacks, but they can help to manage them well and quickly – provided they meet four criteria. According to the latest figures from the Allianz Risk Barometer …

Criteria for Professional Crisis Management Solutions Read More »

What is Common Criteria Recognition Arrangement (CCRA)?

What is Common Criteria Recognition Arrangement CCRA

Common Criteria Recognition Arrangement is an international agreement for mutual recognition of IT security certificates issued on the basis of the Common Criteria (CC). Signatory states recognize certificates of products and Protection Profiles issued by different national certification bodies. A distinction is made between Certificate Producer and Certificate Consumer among the participating states of the …

What is Common Criteria Recognition Arrangement (CCRA)? Read More »

Attention, Cost Trap: Security Vulnerabilities in APIs

api security vulnerabilities -

Costs due to insecure APIs have increased sharply. That’s according to a study published by Imperva. This looked at 117,000 cybersecurity incidents and estimates that API vulnerabilities cause $41 billion to $75 billion in losses per year. An API is an invisible ribbon that allows applications to share data to improve end-user experiences and outcomes. …

Attention, Cost Trap: Security Vulnerabilities in APIs Read More »

Metaverse and Its Security – What’s Changing Now

The metaverse is a concept that has been gaining momentum for several years, catapulting into the mainstream after Mark Zuckerberg’s rebranding of Facebook’s parent organization, Meta. The growing acceptance and interest of big tech suggest that a move toward the metaverse is arguably imminent as well as theoretically simple, but that’s not necessarily the case …

Metaverse and Its Security – What’s Changing Now Read More »

Vulnerability Research for Industrial Cybersecurity

IT security research communities have been around for a long time. They share their findings with each other and with the manufacturers of affected products to promote fixes that protect users. Manufacturers have long seen this contribution as beneficial as well, often offering bug bounty programs through which researchers are financially motivated and rewarded. But …

Vulnerability Research for Industrial Cybersecurity Read More »

The Status Quo in Security Awareness Training

The Status Quo in Security Awareness Training

Security awareness training always helps to protect the company and make the workforce more security-savvy. However, there are different approaches to designing them – some more effective than others. To strengthen cybersecurity, it is essential for organizations to train their own employees in the secure use of IT, networks, emails, and co. In many companies, …

The Status Quo in Security Awareness Training Read More »

Why MFA is not just MFA?

Why MFA is not just MFA

Multi-factor authentication (MFA) was developed to prevent or make it more difficult for accounts to be compromised. And although many companies now use multiple authentication mechanisms, especially for sensitive accounts, cybercriminals still manage to gain access to their victims’ accounts quite frequently. Multi-factor authentication has a problem: If only one of the authentication methods used …

Why MFA is not just MFA? Read More »

How Network Security Works for KRITIS Companies

How Network Security Works for KRITIS Companies

As operators of critical infrastructures (CRITIS), energy companies must meet high security requirements, as cyber-attacks and associated outages or disruptions can be of extraordinary consequence. However, network security in particular is increasingly challenging in the sector. Access controls and network performance, for example, must be adapted to an increasingly distributed workforce and thus increased the …

How Network Security Works for KRITIS Companies Read More »

Risk Management & Human Factors in Business Cybersecurity

One source of danger that must not be neglected in the development of an IT security strategy: is the human being. But it’s just not the typical “link-clicking” employee that needs to be considered here, but other human flaws and strengths that enable successful attacks.” Ask IT security experts where a company’s biggest vulnerability lies, …

Risk Management & Human Factors in Business Cybersecurity Read More »