The SecretPi – The secret agent privacy guard for Managers, Reporters, Dissidents and People like you and me, keeps nosy people out.

The Motivation (How the SecretPi came to be) While creating a Raspberry Pi 3B for a friend in Turkey, who wants to watch German TV programs over the internet and does not want the Government monitoring his behaviour (mail, browsing etc.), an idea came to my mind. As my friend only needs a VPN which is maintained by the Raspberry and automatically starts wherever / whenever he is connected to the internet via his […]

Are SIEMs dead?

The SIEM is dead… ’cause we killed it! When I first came into contact with a SIEM, namely the SOC product from Computer Associates around 2004, my colleagues and I said “Wow, that’s the way to go!”. With log-file collection, correlation and the way it was visualized, it would definitely help customers to analyze their data better and faster, to detect attacks. Anyway, at that time we had fewer log sources, no BYOD and so on. But I […]

Digitization – the big challenge for IT security

While I was researching this blog article, I realized that digitization is currently on everyone’s lips and used in many ways, yet it is actually only the umbrella term for the change in our society in which everything – in both the private and the corporate sector – becomes faster and more closely meshed, without anyone being aware of the impact on society. So, as I write these blog articles for companies, we should actually take a closer look at the term “digital […]

The SOC methodology

First, let the extract of a SOC workflow (next graphic) sink in (the shift handover, the daily routine tasks and the end of the shift are omitted for a better overview). Please remember, the SOC handles the fast processing of events. If these are known – or easy to solve – they are forwarded from the SOC to the relevant division (IT Security, Networking, Servers etc.). If events are not easy to solve or completely unknown, they will be […]

The CSIRT methodology

If you have read my blog carefully, the article about the C⁴ISR methodology will surely stick in your mind. Many of the military procedures we can adopt for our plan to build a functioning SOC / CSIRT / forensics team, of course with some changes. Let’s define the necessary elements: SOC (according to English Wikipedia, italic: according to my methodology) A Security Operations Center (SOC) is a central unit that deals with security issues at the organizational and technical levels. […]

C⁴ISR: What we can learn from the military

C⁴ISR stands for command and control, communications, computers, intelligence, surveillance, and reconnaissance. Since 2005 I have been building or reorganizing SOCs (Security Operation Centers) and establishing CSIRTs (Cyber Security Incident Teams), among others for Saudi Telekom and Saudi Aramco (during my time in Saudi Arabia) and at RadarServices GmbH in Vienna as Global SOC Manager, with up to 30 SOC employees in 24×7 operation or on the Follow-the-Sun principle (at 3 locations in the world with 8h difference each). What […]

Security Issue Employees – Awareness is a must

As already shown in detail (and hopefully hauntingly) in the previous blog post, awareness can successfully defend against many attacks. To do this, companies need to develop an awareness strategy that motivates employees to recognize and ward off social engineering. In this context, I recommend that anyone in IT security, but also management, read Kevin Mitnick’s book The Art of Deception (ISBN 0-471-23712-4). Whoever has the opportunity to attend one of his lectures, it is […]

How I take over your business

In 1987, I brought despair to my instructor at Comparex, where I used a simple security hole on a 3270 screen controller for terminals attached to a /370 mainframe. Batch files were higher in precedence than executable files. So I constructed a batch file that produced a ripple print on the screen and kept outputting “I’m a little virus” in an endless loop. A batch command that was executed copied a bunch of other batch files with the names of […]

Why cyber-security is not effectively lived (in European) companies and organizations

Most European companies have not taken cyber-security seriously in recent years and now get a wake-up call from the EU, which is not without reason: a penalty of 4% of global sales is finally something to think about. I understand this as a long-necessary “shot across the bow”, because whatever market study I look at, it concludes that around 60% of companies are underperforming. The question is why? In the case of SMEs, security must not […]

Introduction to this blog

The pressure on European companies has been significantly tightened by the German legislator and the EU with regard to cybersecurity – rightly so – because in the past decades most companies have ignored the latest methods of attack on their digital knowledge. Product data, patents, procedures and other company secrets were often stolen in cyber-attacks. It is not just the companies that are at fault, but the lack of advice, failures of the legislator, insufficient education at universities, the insufficient […]