Veiligheid in de organisatie

Cyber security awareness

In aanloop naar het Cyber Security Event op 29 november 2016 op The Hague Security Delta Campus interviewden wij Foppe Vogd, ambassadeur van de awareness game Elevator van het CIO Platform Nederland. Foppe is spreker op dit event en in het middagprogramma is er gelegenheid de game te spelen. Foppe geeft zijn persoonlijke visie op Cyber security. Foppe is de grondlegger …

Lees verder »

Samenwerken met ketenpartners aan cyber security

In aanloop naar het Cyber Security Event op 29 november 2016 op The Hague Security Delta Campus interviewden wij Hein Laan, Information Security Officer bij de Rabobank en spreker op het Cyber Security Event. Hein geeft zijn visie op samenwerken met ketenpartners aan cyber security. Wat zijn actuele ontwikkelingen op het terrein van cyber security? Op het gebied van cyber …

Lees verder »

Should we report our cybercrime leaks?

Edwin van Andel, Hacker and public speaker for Zerocopter at the Cyber Security Event. Yesterday the Dutch parliament passed a law stating that organisations now have the obligation to report on severe cyberattacks. Last week in a dutch newspaper, an article emerged in which an interview was done with the Dutch ex-prosecutor, Aldo Verbruggen. The topic was cybercrime, or better, …

Lees verder »

3 Ways to Mitigate Insider Security Risk

As recent data breaches show, every organization needs to take action to better secure insider access, particularly that of privileged users and contractors. By Travis Greene, NetIQ, the security portfolio of Micro Focus In 1992 during the preparation for Bill Clinton’s first presidential campaign, political strategist James Carville, in an effort to focus the messaging, hung a sign in the …

Lees verder »

When Multi-Factor Authentication Fails

Recently, we’ve seen evidence of the increase in insider threats related to outsiders obtaining and abusing insider credentials. Like others, I’ve pointed to multi-factor authentication (MFA) as a means to mitigate the risk posed by this attack method. But, it’s worth considering – what are the limitations of MFA in reducing the risk of outsiders abusing insider credentials? To be …

Lees verder »

Multi-factor Authentication: Waking up to the Elephant in the Room

If the Panama Papers were a wake up call to pay closer attention to insider threats, two recent developments have revealed that we have awakened to an elephant in the room. The first is the release of this year’s Verizon Data Breach Investigations Report (DBIR) on April 26, which states, “63 percent of confirmed data breaches involved weak, default or …

Lees verder »

Thar She Blows: Mitigating Whaling Risk

CIO recently reported that a variant of spear phishing called whaling has emerged as a major cybersecurity threat. Whaling is a social-engineering scheme that uses the relationship between executives and employees to trick employees into taking an illicit action. An attacker masquerading as an executive bids, and the employee does his or her bidding. Notable companies such as Snapchat, Seagate, …

Lees verder »

Understanding Why Business Managers Hate Access Certifications

Almost every job includes monotonous—but necessary—tasks that we dread completing. For line of business (LOB) managers, access certification is one of these tasks. Imagine a seemingly endless list or spreadsheet containing lines upon lines of users’ names coupled with their levels of access. In addition to a long list of other responsibilities, LOB managers are responsible for carefully evaluating whether …

Lees verder »

Dynamic Authentication – the New Benchmark

Data breaches have become commonplace these days, and enterprises around the world agree that it’s not a matter of “if” but rather “when.” Complicating matters, gone are the days when your employees worked nine to five, from their desktops or laptops, or even within the walls of the office where access is delivered in a predictable, simple and easy to …

Lees verder »