ROI

Open Security News Overview

Cyber security is a process, not a destination to arrive at. Openness and transparency builds trust. Good simple cyber security solutions are open and transparent. Cyber Security is a complex field. Keep it simple. Keep learning.


  • Open Security News week 9-2024
    Good cyber security is and will be hard work. Almost every security professional uses the CVE system. But be cautious: The CVE system is broken and the database of existing CVEs is full of questionable content and plenty of downright lies. Cyber solutions can be often simpler and the best solution is rethinking if the solutions you use are really solutions. …
  • Open Security News week 47-2023
    Machine Learning (AI) is one of the most powerful technologies of our time. But machine learning is a complex technology that brings a lot of new cyber security and privacy risks. Cyber security is a field where commercial vendors of security solutions proclaim breakthrough innovations every week. But don’t fall for it: there is no magical new tool for old and …
  • Open Security News week 40-2023
    Reducing cyber security risks is complex. The most simple solutions are the best. Finding simple IT solutions is hard. We need to stop reinventing the wheel. Creating software that meets trivial security and privacy design rules has proven to be very difficult. So improve existing solutions instead of creating new solutions that will fail again. Use of proven open solutions (FOSS). …
  • Open Security News week 35-2023
    Security by design is not a product. Nor a simple straight through process. Security by design can be viewed as a core philosophy to do the right things from a cyber security perspective in every action performed when developing and producing a new product. Too many organisations are depending on vulnerable vendor solutions for security protection that over promise but under …
  • Open Security News week 27-2023
    Good cyber security is still a cost factor for companies. For too long we refuse to create simple systems for simple problems that can be easily adjusted and are resilient for common cyber security threads. We, security experts, are trained and brainwashed by commercial vendors to advocate for complex, expensive cyber security solutions that are costly to implement and lack transparency. Most …