Cyber Security Blog

Dive with us into the world of hackers, data espionage, and attack defense - several times a week for free!

Between 2021 and 2022, the number of companies that suffered at least five or more IT security breaches increased by a staggering 53 per cent. Approximately half of all companies experienced a security breach in the last 12 months that cost more than $1 million to resolve. These are just some of the worrying findings of Fortinet's latest Global Security Skills Gap Report 2023.

The study "2023 Cyber Workforce Resilience Trend Report" was published in mid-May. The study results support a clear trend: more and more companies are focusing on building sustainable cyber resilience, but many cyber resilience programmes fall short. Although 86 per cent of respondents have a cyber resilience programme, more than half said they lack a holistic approach to assessing cyber resilience.
The reason: The implemented mechanisms are not sufficient to prove the practical cyber capabilities of the teams.

Phishing, ransomware, data espionage - the list of cyber threats is long. At the same time, cyber criminals are becoming increasingly sophisticated and professional. Consequently, the risk of becoming a victim of a cyberattack continues to increase in Germany and around the world. Small and medium-sized enterprises in particular usually do not have the necessary resources to detect cyberattacks themselves in time and thus be able to defend themselves. The demand for Managed Security Service Providers (MSSP) and their diverse range of services is therefore unabatedly high. We reveal what you should look for when choosing an external service provider.

The constantly growing number of cyber attacks makes it clear that an IT security early warning system for the defence against cyber threats is becoming increasingly important. Such a system can be implemented with the help of network monitoring and anomaly detection. However, the basis for an efficient implementation is to ensure the complete control and analysis of the data.

While manufacturing companies invest extensively in the necessary digital infrastructure for the IIOT (Industrial Internet of Things), IT security usually falls by the wayside. IT security measures against cyber threats and various cyber attacks are too often still based on outdated security concepts. This article explains why multi-layered cyber defence systems are now indispensable and how threat hunting and active cyber defence can significantly increase IT security in a production company.

It doesn't matter if you have all sorts of security solutions installed - once intruders have penetrated your systems, one or more of these controls will have failed and they will cause damage to your network until you finally detect them. As we know, this can take months. If your goal is to maintain the integrity of your network, Threat Hunting provides the ultimate check that you are secure.

The so-called Advanced Persistant Threats (ATP) are creating an increasingly complex threat situation. This massively aggravates the risk situation in companies and makes the defence against threats for cyber security more and more challenging. Successful defence against such cyber threats begins with prevention. For this, it is necessary to understand the attack patterns of the hackers. This is precisely where cyber threat modelling or hunting comes in.

The use of artificial intelligence (AI) is also playing an increasingly important role in cyber security. Artificial intelligence shows its strengths above all in the early detection of cyber threats or in the real-time monitoring of IT infrastructures. However, uncontrolled use of AI is definitely dangerous! In this article, you will learn what artificial intelligence can do in the area of cyber security and how AI can support cyber threat hunting and threat intelligence.

With the passed IT Security Act 2.0 (IT-SIG), anomaly detection for CRITIS companies and organisations is enshrined in law. Now it is time for operators of critical infrastructures to act: According to IT-SIG 2.0, they must implement appropriate protective measures to defend against cyber attacks within one year that comply with the current legislation. How can it be done faster?