No Pain, No Gain - How Impunity Perpetuates Failure
It’s time to treat cybersecurity incidents and data breaches like preventable disasters, not the inevitable cost of doing business.
Topic
infosec
A collection of 9 issues
Demand Without Development
The cybersecurity talent shortage is not just a problem of numbers, but of structure. By systematically avoiding the hiring and training of true junior staff, the industry is reinforcing a feedback loop that shrinks its own future workforce.
MITRE CVE Program - the past, the present .. and the (European) future.
The Common Vulnerabilities and Exposures (CVE) program is a globally adopted system for identifying and naming cybersecurity vulnerabilities with unique IDs. Established in 1999 by researchers at the MITRE Corporation (a U.S. non-profit R&D organization), CVE was created to ensure that different ..
A short(-ish) guide on information security writing
Whether you’re compiling incident notes at 3 AM, drafting a post-mortem report for the board or helping the marketing department to craft a blog post that will generate near endless riches for your employer - we may like it or not, the ability to produce qualitative ..
Another round: Government malware & digital surveillance
Not just the seasons, or my attempts to appear in the office in an outfit other than holey conference shirts, shorts and Birkenstock slippers that are cyclical. The desire of politicians for a "government trojan" or surveillance of digital communication seemingly follows a constant rhythm ..
It's cyberwar-o-clock .. or something like that.
As was the case at the beginning of the war in Ukraine a year and a half ago, reports about the possible role of cyberattacks in this conflict emerged relatively quickly shortly after the events that shook Israel on October 7, 2023.
I care about security, hence I don't care.
I’d love to see information security actually improve in a meaningful way. Not caring about anything but the bare security facts is a way of achieving that. Probably the only way.
Cyber is effective. Explosions are effective-er.
The publication of documents that allegedly describe the work of a Russian IT company on behalf of Russian intelligence services caused quite a stir in various journalistic publications at the end of March this year.
All metal, no manpower
It occurred to me that there are uncomfortable similarities between some major issues the armed forces of the Russian Federation suffer from and the issues a lot of Blue Teams have to deal with. This is an attempt to come up with a comparison that doesn’t sound entirely insane.