I am often asked what is the difference between Policy, Standard, Procedure in cybersecurity. Well, here it is: 1. Cybersecurity Standard A cybersecurity standard is a set of guidelines, criteria, or best practices that organizations follow to ensure that their…
Category: Endpoint Cybersecurity GmbH
Zero Trust in Cybersecurity: from myth to the guide
Every single day I read news on various portals and on LinkedIn and I encounter a lot of buzz words. Most of the time I just smile recognizing the marketing b**it, and continue to scroll… This time, I found an…
NIS2: 3.Establish a cybersecurity framework
We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the 3rd step in implementing the requirements of the directive is to establish a cybersecurity framework. If you haven’t read what a cybersecurity framework means, then you should read article: https://www.sorinmustaca.com/demystifying-cybersecurity-terms-policy-standard-procedure-controls-framework/ . Establishing a…
How to implement an Information Security Management System (ISMS)
We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the 3rd step in implementing the requirements of the directive is to establish a cybersecurity framework. If you haven’t read what a cybersecurity framework means, then you should read article: https://www.sorinmustaca.com/demystifying-cybersecurity-terms-policy-standard-procedure-controls-framework/ . An ISMS is…
NIS2: 2.Designate a responsible person or team
We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the second step in implementing NIS2 requirements is to designate a responsible person or team. Appointing an individual or a team responsible for overseeing the implementation of the NIS2 directive within your company is critical to…
NIS2: 1. Perform a gap analysis
We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the first step in implementing NIS2 requirements is to perform a gap analysis. The most critical part when performing a gap analysis is to define upfront against which standard or security framework are you…
How-To: NIS2 EU Directive
The NIS2 Directive is a European Union legislative text on cybersecurity that supersedes the first NIS (Network and Information Security) Directive, adopted in July 2016. NIS vs. NIS2 While the first NIS (Network and Information Security) Directive increased the Member…
Executive summary: NIS2 Directive for the EU members
The NIS 2 Directive is a set of cybersecurity guidelines and requirements established by the European Union (EU) . It replaces and repeals the NIS Directive (Directive 2016/1148/EC) . The full name of the directive is “Directive (EU) 2022/2555 of the European…
Implementing secure over-the-air (OTA) updates in embedded devices
This is a follow up article related to Secure Booting and Secure Flashing. It is the 5th article related to Strengthening the Security of Embedded Devices Implementing secure over-the-air (OTA) updates in embedded devices requires careful consideration of various security…
Strengthening the Security of Embedded Devices
Embedded devices are specialized computing systems designed to perform specific tasks or functions within a larger system. Unlike general-purpose computers, embedded devices are typically integrated into other devices or systems and are dedicated to carrying out a specific set of…
How to Configure the Most Secure Settings for Microsoft Defender
This article is entirely written by Bing AI client integrated in Skype. Q: write an article describing most secure settings of Microsoft Defender A: Microsoft Defender is a comprehensive security solution that protects your Windows devices from various threats,…
The Importance of Implementing an Information Security Management System (ISMS)
In today’s interconnected and data-driven business landscape, information has become one of the most valuable assets for companies. As organizations rely heavily on technology and digital platforms, protecting sensitive data from threats has become a critical concern. This is where…
How to convince Top Management to invest in cybersecurity and secure software development
I’ve heard many times IT people and Software Developers complaining that they have difficulties to sensibilize their managers to invest more in cybersecurity. Also some employees of my customers in the cybersecurity consulting area show sometimes frustration when we are…
Securing the Secure: The Importance of Secure Software Practices in Security Software Development
In an increasingly interconnected digital world, the importance of secure software cannot be overstated. Many people think that by using security software all their digital assets become automatically secured. However, it is crucial to recognize that security software itself is…
Preventing Attacks and Securing the Supply Chain in the Security Software Industry
The security software industry plays a vital role in safeguarding sensitive data and protecting digital infrastructure. However, the industry itself faces a significant threat from supply chain attacks. Supply chain attacks occur when cybercriminals target vulnerabilities within the supply chain…
The Importance of Training Employees in Cybersecurity
In today’s increasingly interconnected world, cyber threats pose a significant risk to businesses of all sizes. As technology advances, cybercriminals become more sophisticated, making it imperative for organizations to prioritize cybersecurity measures. While investing in robust infrastructure and advanced tools…