Open Security News Overview

There are many myths about security, and how difficult it is. Cyber security is a complex domain. There is no perfect solution. Never. However there are simple solutions that do work. Often the best cyber security solutions are open well known solutions which everyone can use. Good solutions are not subject to a hype. Open…

There have been more than 900 publicly reported automotive security incidents since 2010. Security anchored in hardware needs the highest level of protection. Hardware security certifications are a minimum requirement but are never enough. Risks remain. Especially within human transportation systems like cars, trains, elevators and buses safety needs better cybersecurity.

Cyber security is not a solved problem. As technology continues to advance, so do the methods and techniques used by cyber criminals to breach security systems and steal sensitive information. I love new technology and love solving new cyber challenges that come with new technology. So I asked GPT-4 what kind of security challenges we…

Complexity has become a significant issue for cyber security. Senior engineers and experts in the cyber domain with years of experience have developed a troubled sight on what is simple and what is complex. My personal core believe is that hard to solve security problems should be fixed through simple solutions. But remember: Simple is…

Threats develop constantly as criminals advance their techniques and new vulnerabilities are discovered every day. Therefore, mitigation measures should be continuously developed and updated. However many organisations are depending too much on vulnerable vendor solutions that over promise but under deliver. Taking simple measures at scale, such as applying a security by design approach for…

This is an unusual post. This time, I want to emphasize the urgent need for reducing cybersecurity risks. We are on a tipping point. Security is required for safety and privacy. We are increasingly dependent on IT: Cars, trains, hospitals, medicines, energy, transportation are not possible today without IT. Without digital technology our world stops.…

We are all humans. For severe cyber security problems we fall in love with so called ‘Holy Grail’ products. The product capabilities of these product are outlined with vague and difficult marketing buzz. So perfect for managers who lack a solid technical background. But deploying these products can be compared with deliberately installing a large…

Today all software is under continuous attack. So focus on practical simple steps to improve cybersecurity. Increase the effectiveness of your current cybersecurity measurements and tools. Do not fall in the trap of buying another security defense application that promise to reduce cyber risks with lower costs and lower effort. A magic solution to reduce…

Our lives heavily depend on software. So software should be open, secure and safe. But the reality is, unfortunately, that most software is malware and steals your private data. That is why I advocate FOSS and love to share cyber security knowledge and lessons learned so we can our world a bit nicer.

Zero-trust security principles could protect against insider threat by treating every component, service, and user of a system as continuously exposed to and potentially compromised by a malicious actor. But is zero-trust really a good name for this concept? Naming things is hard and a bad name is fuel for confusion.

Reducing complexity for information security means following key proven principles. Some key principles for simplifying security are e.g. prevention of security risks is easier for maintenance and good simple up-to-date documentation always helps. Bring it down to the crucial things.

Cyber offences, such as hacking, malware creation and distribution, and online fraud, present a substantial threat to organizations attempting to safeguard their data and information. Open and simple cyber security solutions always help.