by Jesper Kråkhede, Sweden
Posted in Security Architecture on Nov 15th, 2013
All those having a smart phone raise your hands! I´m one of those and I thought I had a rather good grasp of the smart phone security, the do´s and don´ts etc. but apparently I was mistaken. Do you know there is a second operating system running on your smart phone that has a large […]
Posted in Business, Methodology, Security Architecture on Oct 15th, 2013
As some of you may know, at least those of you that have read my CV, I´m a trained social worker and have a keen interest in psychology. I always find it interesting to understand why some organisations manage to protect their information and why some fails. I recently came across a report describing why […]
Posted in Business, Security Architecture on Sep 10th, 2013
I conduct several risk and vulnerability analysis every month. One part of the deliveries I make is a calculation of the financial impact in case of a breach. This is always a challenge but quite often I manage to get a fairly good figure. The hidden costs of a breach is quite often more of […]
Posted in Business, Security Architecture on Aug 18th, 2013
If you ever been out pentesting you probably have encountered ‘Don´t test our ERP! It is too critical for us.’ Where is the failed logic in that? Looking at growing ERPs like Microsoft Dynamics AX they have a standard security model that fulfils most of the standard security needs. But let’s say you are a […]
Posted in Business, Security Architecture on Jul 30th, 2013
Is there any company of size that hasn´t got an ERP system today (Enterprise Resource Planning)? During my many years working in the field of security I have seen and participated in many analysis, checks, test, investigations and whatnots and in many cases we were instructed to not touch the ERP. It was way to […]
Posted in Compliance, Security Architecture on Jul 20th, 2013
Security architecture is sometimes just a number of words glued together with some pictures or to be more explicit the power of security architecture lies in the visualisation of fully defined words. Some words that commonly need both definition and explanations are: Threat, Vulnerability and Risk. Threat: 1. An expression of an intention to inflict […]
Posted in Security Architecture on Jun 30th, 2013
One of the good things of growing up is that you now and then are allowed to visit a pharmacy and get prescription drugs…or should it be considered a bad thing? In any case I noticed that the username and password for the computer was posted on a note on the screen, same username and […]
Posted in Security Architecture on Jun 20th, 2013
Being a diver since a few years I tend to take my own personal security quite seriously. Out-of-air at 20 m is not a pleasant experience, I´ve heard. One of the things I enjoy doing when diving is taking photos. This summer I bought a new underwater house for my compact and as I take […]
Posted in Security Architecture on May 30th, 2013
Not being an expert in the inner details of SCADA systems I still encounter them in different assignments. As many know SCADA systems are certified to carry out a specific task with a specific configuration that you seldom or never could change. This makes the task of protecting SCADA a tough one as the ordinary […]
Posted in Business, Security Architecture on May 2nd, 2013
Everyone that´s been around for some time in this industry has Melissa and Love letter fresh in mind. How many similar outbreaks have you had the last years? I expect you to say none. Does this mean that there are no malware running around anymore? Of course not. There are even more today than there […]