Category: Security

  • T-DOSE 2025

    On the Technical Dutch Open Source Event 2025 (t-dose), I gave a talk on ‘Simplifying Security’

    Slides (cc-by-sa) here for download and remember slides are published to be shared:

    (more…)

  • Shift left:  from complex and reactive to simple and proactive

    Cyber security is complex. But effective cyber solutions do not need to be complex and very expensive.

    To avoid misunderstandings: Simplifying your security landscape is not simple at all, but rather means rethinking your strategy and reprioritizing objectives:

    • Risks
    • Costs
    • Value
    (more…)

  • Open Security News week 10-2025

    When using FOSS software you have the advantage to inspect the source code on malicious flaws. However almost all software is distributed to end users as pre-compiled binaries. This creates a problem: How do you know if the software is not injected with malicious code?

    Compiling the software yourself is not enough to be sure that no flaws have been introduced. So check if your software has a reproducible build. A reproducible build is, an approach to determine whether generated binaries correspond with their original source code.

    (more…)

  • Cyber Security Conferences

    Cyber security conferences or seminars are crucial for continuous learning. But the number of annual held cybersecurity events is immense. So on this blog page you will find an opinionated collection of exiting cyber security events worldwide.

    (more…)

  • QR codes: Still a security nightmare?

    QR code attacks are still increasing. But is there a simple solution to reduce the risks when using a QR code? 

    (more…)

  • Simplify Cyber Security: A Practical Manifesto

    Automation has changed our lives. Computers and all kinds of software enabled devices make our daily lives easier. Every year computer devices get more powerful, less expensive but also get more vulnerable to cyber security risks. Too often cyber security breaches have a severe impact on our safety and privacy. But most cyber security accidents are hidden from the public eye.

    (more…)

  • Let’s just do it one more time

    Cyber Security is complex. So it is no surprise that companies get hit by major IT disasters due to cyber security incidents.

    Cyber security vendors often make things very complex. Too complex. Often they sell a lot of crappy expensive security software with security management cockpits and promise that all your risks are mitigated. However being hit by ransomware is no joke. 

    (more…)

  • The day after the GDPR: End of an Era?

    Maybe you have noticed it. Privacy is an issue. A bit strange since there is only 1 day left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union. So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. So will the enormous amounts of privacy breaches be over?  Will all privacy and freedom fighters celebrate 25 May 2018 as the beginning of an new Era? (more…)

  • The Ultimate GDPR Checklist

    Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 2 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

    So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. Due to the complexity of the GDPR document a lot of help is available. But be warned: Some tools that claim to help you will increase your privacy compliance problems instead of solving these. (more…)

  • The Art of managing privacy policies

    Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 3 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

    So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. Due to the complexity of the GDPR document you will need to use privacy policies to control and manage privacy risks. (more…)