Feed on
Posts
Comments

Category Archive for 'Business'

Happy new year

It is somewhere between late night and early morning. Family has stopped celebrating, the bottles of champagne are empty and everyone is sleeping. Only the security architect is awake. During the festivities I had a long discussion with a friend of mine of the futility of cybersecurity. How hopeless it is to try to stay […]

Read Full Post »

A customer of mine have asked me to device a security strategy for them. This will be an interesting task. The background to this assignment was that I was doing a presentation of cost effective security management using MITRE Att@ck as an example to prioritise your actions. After the presentation their CISO came up to […]

Read Full Post »

One of my core skills is conducting risk analysis, to be more precise, I tell my customer to quit fiddling with esoteric attacks and focus on the real challenges, like good passwords, MFA and credential hygiene. One common question I get is: Who would like to attack us? We have no money reserves like a […]

Read Full Post »

As you know if you work in the field of Credential Theft Tier 0 is the most important thing to protect. With Tier 0 access I pwn a company, to use a security term. The implications from a contractual perspective is seldom considered when a company decides to outsource Tier 0, i.e. their Domain Controllers […]

Read Full Post »

Here in Sweden GDPR is one of the hottest topics within security. There is a lot of confusion regarding what is needed to be done and what different parties need to do. First of all, GDPR is a law. Any lawyers out there would probably want to correct me as it´s an EU thing, but […]

Read Full Post »

Wiperware

And ransomware has been weaponised. If you remember my post a few months back regarding the future of ransomware we now see the emerging Wiperware, malware that´s sole target is to create mass destruction rather than take files for ransom. The article mentions Maersk loss of more than $200 million to NotPetya and that ransomware […]

Read Full Post »

First day at Microsoft

Today I start my first day at Microsoft! Wish me luck!

Read Full Post »

Swedish Transport Agency

I don´t know how many of you that spend your time reading about security issues during your vacation but you have probably heard about the struggles at the Swedish Transport Agency. There are quite a few things not right in the current rounds of the news but that will be sorted eventually. All in all, […]

Read Full Post »

Cybersecurity has been a thing for quite some time now but the real change here in the Nordics came this year with a lot of ransomware attacks with WannaCry as the current leader of the pack closely followed by GDPR that is every security consultants wet dream. Almost every company have put cybersecurity on the […]

Read Full Post »

A change is on the way

I just want to inform you all that I have resigned from Sogeti to join Microsoft as a Cybersecurity Architect. This blog will continue to operate independently and still just reflect my views on different topics, assignments that I could share and so forth. Just continue to let the mails come and I´ll try to […]

Read Full Post »

Next »