Wake up and Smell the BitLocker Keys

Many enterprise laptops use BitLocker to provide full disk encryption (FDE) to protect sensitive data from exposure if the laptop were stolen. But how adequate is the default implementation of BitLocker to protect data at rest in this scenario? The security of all encryption relies on protection of the key material. A common assumption is … Continue reading Wake up and Smell the BitLocker Keys

The Importance of Establishing a Solid Third Party Risk Management Framework for Risk Mitigation

In the previous post, we introduced the concept of Third-Party Risk Management (TPRM) and its importance in today's interconnected world. Now, let us have a look at the practical aspects of building a solid TPRM program and why it is important for your company. 1. Start with a Third-Party Inventory The first step in building … Continue reading The Importance of Establishing a Solid Third Party Risk Management Framework for Risk Mitigation

How AI forces us to expand our thinking about basic cybersecurity concepts: Part 2 – Confidentiality

Introduction In the first part of this mini-series, we explored briefly what kind of impacts AI may have on the CIA Triad and whether we should adjust this fundamental framework. The goal of this and subsequent blogposts is assessing the pillars of the proposed Information Security Hexagon, starting with Confidentiality. Maintaining confidentiality in Artificial Intelligence … Continue reading How AI forces us to expand our thinking about basic cybersecurity concepts: Part 2 – Confidentiality

How AI forces us to expand our thinking about basic cybersecurity concepts: Part 1 – Introduction

The traditional CIA Triad (Confidentiality, Integrity, and Availability) has long been a cornerstone of information security, providing a solid framework to protect data and systems. However, the rising presence of AI in our lives introduces new challenges that extend beyond the current scope of the CIA Triad. In this AI mini-series, we will analyse the … Continue reading How AI forces us to expand our thinking about basic cybersecurity concepts: Part 1 – Introduction

Introduction to Third-Party Risk Management

In today's world, organizations are increasingly depending on their third-party vendors, suppliers, and partners to support their operations. This way of working, in addition to the digitalization era we're in, can have great advantages such as being able to offer new services quickly while relying on other's expertise or cutting costs on already existing processes. … Continue reading Introduction to Third-Party Risk Management

From Evidence to Advantage: Leveraging Incident Response Artifacts for Red Team Engagements

What is this blog post about? This blog post is about why incident responder artifacts not only play a role on the defensive but also offensive side of cyber security. We are gonna look at some of the usually collected evidences and how they can be valuable to us as red team operators. We will … Continue reading From Evidence to Advantage: Leveraging Incident Response Artifacts for Red Team Engagements