Feed on
Posts
Comments

Category Archive for 'Methodology'

IAM is a very strong tool to get in control of your accounts. With an IAM system for all standard users you will quickly protect all standard access and manage all access control. On top of that comes the protection of your privileged accounts and that means more advanced solutions like PAW or ESAE. In […]

Read Full Post »

Swedish Transport Agency

I don´t know how many of you that spend your time reading about security issues during your vacation but you have probably heard about the struggles at the Swedish Transport Agency. There are quite a few things not right in the current rounds of the news but that will be sorted eventually. All in all, […]

Read Full Post »

None of you raises an eyebrow when I say that I work at Sogeti and as all other consulting firms together with my clients we struggle with finding the right people. Finding junior staff is rather easy, keeping them a bit more challenging as it should be. But the senior people, like me, are harder […]

Read Full Post »

Immediate security

Have you ever heard of immediate security? A colleague asked me of my views on it since he heard it at a webinar and that it would be impossible to reach. My simple answer is that rather the opposite is impossible. Impossible as in produces less security. Every single second I need to know if […]

Read Full Post »

Vacations are supposed to be a time for contemplating and relaxation but apparently there are no rest for the wicked. I have been stuck with a few contracts regarding security SLAs where I would like to share my thoughts with you all. Security SLA is always a challenge, how to you measure that you are […]

Read Full Post »

Security during vacations

I think that no one have missed that we celebrated Midsummer in Sweden, one of our famous public holidays where we mimic frogs and drink a lot of booze. Even if it´s a public holiday in Sweden the rest of the world, especially the criminals, still keep pondering at our doors trying to find a […]

Read Full Post »

I know that a bunch of you have started to look at the new data protection directive. If you have spent some time with it, you probably have read that if you encrypt your data properly you don´t need to inform your customers of a data breach. This is of course good news for encryption […]

Read Full Post »

Mars Challenge

I have to say that I really hate ransomware. It´s just like the old times when a henchman placed himself outside your store and blocked your customers from coming in but without the satisfaction of beating him with a bat to make him go away. A client of mine was targeted with a ransomware and […]

Read Full Post »

Birthday attack

What better way is there than to celebrate your birthday doing a social engineering test? Nothing put you more on edge than the possibility to spend you birthday waiting to get released from a holding cell. Gladly that didn´t become the case but my client will get a report on the lax security they have. […]

Read Full Post »

During many years I have been an advocate of never letting go of the control of you security but during my last years I have been forced to revaluate that opinion. As most of you are aware of finding the right resources for employing is hard and paying for the right resources is even worse. […]

Read Full Post »

Next »