Blog

As the threat escalates, a publicly traded corporation continues to cut corners on IT security, relying on hope rather than defense. The CISO? No influence. No budget. No team. Now the few employees are sick,...

Anyone involved in setting up and operating management systems—such as for information security in accordance with ISO 27001 (ISMS) or quality management in accordance with ISO 9001—is all too familiar with the scenario: Pages and...

I receive many emails and LinkedIn in-mails—mostly from people who promise me the moon. They claim to have “cracked the LinkedIn code” and can help me gain lots and lots of new customer relationships in...

Platforms such as Mandiant, Recorded Future, and CrowdStrike Falcon Intelligence promise to provide information about the current threat situation in near real time. Many of these tools deliver comprehensive reports and are used by numerous...

Recently, LinkedIn suggested that I apply for the position of “Director of Global IT & Cyber Security”: a medium-sized company, multiple locations, well-known brand. Apart from the fact that I have enough to do at...

As an entrepreneur, you know that when business isn’t going so well, outstanding payments can sometimes pile up. Most business partners pay after a friendly reminder, but sometimes you encounter absurd situations. I would like...

The revision of ISO 27006 brings significant changes for ISMS audits according to ISO 27001—especially for digitized companies. I have looked into this and identified the following key points: New calculation logic for audit days...

In practice and in marketing, misleading terminology is often encountered in connection with information security standards such as ISO 27001 and SOC 2. This imprecise use not only leads to misunderstandings, but can also undermine...

In theory, it sounds simple: suppliers are selected according to defined criteria, risks are assessed and then selected. In practice, things are usually different. Especially when onboarding suppliers, there is often a pattern of collective...

The “policy problem” plagues many companies and has become an annoying reality: There are countless policies on almost every topic, but hardly anyone knows which ones are relevant to him or her. This is particularly...