We are all humans. For severe cyber security problems we fall in love with so called ‘Holy Grail’ products. The product capabilities of these product are outlined with vague and difficult marketing buzz. So perfect for managers who lack a solid technical background. But deploying these products can be compared with deliberately installing a large backdoor in your trusted environment. Security by obscurity is a bad security principle. Demand openness and full transparency.
Continue reading “Open Security News week 49-2022”Open Security News week 44-2022
Today all software is under continuous attack. So focus on practical simple steps to improve cybersecurity. Increase the effectiveness of your current cybersecurity measurements and tools. Do not fall in the trap of buying another security defense application that promise to reduce cyber risks with lower costs and lower effort. A magic solution to reduce your cyber security threads does not exist.
Continue reading “Open Security News week 44-2022”Open Security News week 35-2022
Our lives heavily depend on software. So software should be open, secure and safe. But the reality is, unfortunately, that most software is malware and steals your private data. That is why I advocate FOSS and love to share cyber security knowledge and lessons learned so we can our world a bit nicer.
Continue reading “Open Security News week 35-2022”Open Security News week 30-2022
Zero-trust security principles could protect against insider threat by treating every component, service, and user of a system as continuously exposed to and potentially compromised by a malicious actor. But is zero-trust really a good name for this concept? Naming things is hard and a bad name is fuel for confusion.
Continue reading “Open Security News week 30-2022”Open Security News week 21-2022
Reducing complexity for information security means following key proven principles. Some key principles for simplifying security are e.g. prevention of security risks is easier for maintenance and good simple up-to-date documentation always helps. Bring it down to the crucial things.
Continue reading “Open Security News week 21-2022”Open Security News week 17-2022
Cyber offences, such as hacking, malware creation and distribution, and online fraud, present a substantial threat to organizations attempting to safeguard their data and information. Open and simple cyber security solutions always help.
Continue reading “Open Security News week 17-2022”Open Security News week 13-2022
Cyber security is a process, not a destination to arrive at. Designing a cyber security architecture for your use case is the process of choosing between “less safe” and “more safe” and continuing this process until you reach “safe enough” for the information you want to protect.
Continue reading “Open Security News week 13-2022”Open Security News week 11-2022
FOSS inside does not mean the software is any better than proprietary software. We believe in open and simple cyber security solutions. Openness and transparency builds trust. There are no silver bullets when it comes to cyber security.
Continue reading “Open Security News week 11-2022”Open Security News week 7-2022
Simple cyber security solutions. Openness and transparency builds trust. There are no silver bullets when it comes to cyber security. Risks will never be zero. Using complex and expensive cyber security solutions are not by definition better.
Continue reading “Open Security News week 7-2022”Open Security News week 5-2022
Duplicating work wastes time, money, and energy. Reuse and improve solid cyber security knowledge. Avoid old mistakes and use new solid open security knowledge.
Continue reading “Open Security News week 5-2022”