Funding for IT security measures
Measures in small and medium-sized organisations that serve to increase IT security are often funded by the public sector. In order to strengthen the cyber resilience of these companies, various levels of government in Germany offer funding programmes. These programmes are designed to ease the financial burden of implementing advanced IT security measures and thus […]
Cyber attack with fake invoices
Cybercrime only affects the big players? Certainly not! Last week, we witnessed live how an attacker – unfortunately successfully – defrauded the customers of a retailer and stole a considerable amount of money in the process. What happened? Previously unknown perpetrators have forged purchase contracts from a medium-sized trading company and replaced the bank details […]
Personal liability for violations of the NIS 2 Directive
Personal liability of the management bodies: The NIS 2 Directive introduces new personal liability for management bodies for the implementation of cyber security measures. This means that board members and managing directors can be held personally liable if a company fails to comply with the requirements of the directive and a cyberattack occurs. Proactive cyber […]
ISMS according to ISO 27001 helps when taking out cyber insurance
Over the past six months, we have held numerous discussions with medium-sized organisations of various sizes that would like to take out new cybersecurity insurance or adapt existing policies. The consistent tenor that we have heard everywhere is that it is becoming increasingly challenging to obtain affordable policies at all. Insurance against cybersecurity risks is […]
Proactively meeting the requirements of the NIS2 directive
The second version of the Network and Information Security Directive (NIS 2) came into force in the EU at the beginning of 2023. The EU member states must transpose NIS 2 into national law by 17 October 2024. In Germany, the Federal Ministry of the Interior has already submitted a draft bill for an NIS2 […]
Trends and developments in the cyber security landscape
Although the new year is already a few days old, annual kick-off events are still in full swing everywhere. So we too have been thinking about what to expect in terms of information and IT security in 2024. Based on current trends and developments in the cyber security landscape, we anticipate the following challenges: Organisations […]
ISO 27001 Outlook 2024
Conversion to the latest version of the standard: Companies that are certified according to the international standard ISO 27001 will have to think about converting their ISMS to the latest version of the standard in 2024. Now that the final version of the German translation will finally be available in January 2024, all German-speaking standard […]
Employees pose a greater threat to IT security than hackers
In the past two years, more than a third (37 per cent) of all cyber security incidents in Germany were due to employee misconduct. Hackers were only responsible for around 27 per cent of cyber security incidents. Security incidents were often related to negligence, but 30 per cent were due to phishing attacks. 15 per […]
ISC2 Secure Congress – Security of AI increasingly important
Cybersecurity experts from around the world gathered in Nashville, Tennessee from 25-27 October for this year’s ISC2 Secure Congress. It became clear that the information and IT security community cannot ignore the topic of Artificial Intelligence, so this year’s focus was clearly on the security of AI. Machine learning and generative AI security: Several presentations […]
Cloud security myth
Cloud security myth busted: Common misconceptions about security ownership in the cloud. In recent years, cloud technology has become one of the most important and widely used IT infrastructures. Organisations of all sizes are taking advantage of the cloud to store data, host applications and streamline business processes. However, despite the growing popularity of the […]