In aanloop naar het congres Veiligheid bij Evenementen op 7 december 2016 op The Hague Security Delta Campus interviewden wij Hisso Homan, veiligheids- en calamiteitenmeteoroloog bij het KNMI en spreker op het congres Veiligheid bij Evenementen. Hisso geeft zijn visie op de invloed van het weer op veiligheid bij evenementen. Wat zijn actuele ontwikkelingen op het terrein van evenementenveiligheid? Het …
Lees verder »Niet zwartepieten in Maassluis
Aankomende zaterdag is het weer zo ver. De intocht van de goedheilig man in ons land. De kleine kinderen zullen op de schouders van hun vaders zitten of met hun neus tegen de buis. En ze vragen zich af of sinterklaas weer veilig aan land komt en of hij wel cadeautjes heeft meegebracht. De volwassenen vragen zich vooral af of …
Lees verder »Should we report our cybercrime leaks?
Edwin van Andel, Hacker and public speaker for Zerocopter at the Cyber Security Event. Yesterday the Dutch parliament passed a law stating that organisations now have the obligation to report on severe cyberattacks. Last week in a dutch newspaper, an article emerged in which an interview was done with the Dutch ex-prosecutor, Aldo Verbruggen. The topic was cybercrime, or better, …
Lees verder »Zie geweldspatronen in plaats van incidenten
De meldcode moet worden aangepast, kondigde staatssecretaris Van Rijn van VWS dit voorjaar aan. Investeer in collectief leren, adviseert Sietske Dijkstra. ‘Blijvend resultaat boek je door samen intensief casussen te bespreken.’ Sietske Dijkstra, eigenaar van Bureau Dijkstra, docent op de opleiding regisseur huiselijk geweld en kindermishandeling en voormalig lector huiselijk geweld en hulpverlening in de keten aan het Expertisecentrum Veiligheid …
Lees verder »3 Ways to Mitigate Insider Security Risk
As recent data breaches show, every organization needs to take action to better secure insider access, particularly that of privileged users and contractors. By Travis Greene, NetIQ, the security portfolio of Micro Focus In 1992 during the preparation for Bill Clinton’s first presidential campaign, political strategist James Carville, in an effort to focus the messaging, hung a sign in the …
Lees verder »When Multi-Factor Authentication Fails
Recently, we’ve seen evidence of the increase in insider threats related to outsiders obtaining and abusing insider credentials. Like others, I’ve pointed to multi-factor authentication (MFA) as a means to mitigate the risk posed by this attack method. But, it’s worth considering – what are the limitations of MFA in reducing the risk of outsiders abusing insider credentials? To be …
Lees verder »Multi-factor Authentication: Waking up to the Elephant in the Room
If the Panama Papers were a wake up call to pay closer attention to insider threats, two recent developments have revealed that we have awakened to an elephant in the room. The first is the release of this year’s Verizon Data Breach Investigations Report (DBIR) on April 26, which states, “63 percent of confirmed data breaches involved weak, default or …
Lees verder »Thar She Blows: Mitigating Whaling Risk
CIO recently reported that a variant of spear phishing called whaling has emerged as a major cybersecurity threat. Whaling is a social-engineering scheme that uses the relationship between executives and employees to trick employees into taking an illicit action. An attacker masquerading as an executive bids, and the employee does his or her bidding. Notable companies such as Snapchat, Seagate, …
Lees verder »Discouraging Attacks from Within
What does the name “Panama Papers” bring to your mind? Outed tax evaders? Exposed grafters? Money launderers? Or like me, does your mind go straight to the risk and prevention of insider security breaches? For those of you who don’t habitually pore over the financial or security press, the Panama Papers refers to a massive and lengthy data breach that …
Lees verder »Understanding Why Business Managers Hate Access Certifications
Almost every job includes monotonous—but necessary—tasks that we dread completing. For line of business (LOB) managers, access certification is one of these tasks. Imagine a seemingly endless list or spreadsheet containing lines upon lines of users’ names coupled with their levels of access. In addition to a long list of other responsibilities, LOB managers are responsible for carefully evaluating whether …
Lees verder »