Tag: Sorin Mustaca on Cybersecurity

ENX has released an interesting article about how NIS2 requirements map to TISAX requirements. For this, there is a short introductory article called “TISAX and Cybersecurity in Industry – Expert Analysis Confirms NIS2 Coverage” and and a full article of…

Read more →

If you’re a software engineer older than 30 years, then you definitely have worked following a non-agile methodology. Those methodologies are based on a fixed structure, a lot of planning, and hope that everything will go as planned. And they…

Read more →

Challenges that stop teams to deliver and how to solve them Objection 1: “Our features are too complex for short sprints” This is the most common objection I hear, and it reveals a fundamental misunderstanding. The solution isn’t longer sprints…

Read more →

If you’re a software engineer older than 30 years, then you definitely have worked following a non-agile methodology. Those methodologies are based on a fixed structure, a lot of planning, and hope that everything will go as planned. And they…

Read more →

Time for some other type of posts, not related to what I usually write about. But it bothers me to see so many “shiny” posts on Linkedin, when I know for sure that the reality is so much different than…

Read more →

Move fast and fail fast In software development, the mantra “move fast and fail fast” has become both a rallying cry and a source of considerable debate. It champions rapid iteration, prioritizing speed and output, often at the perceived expense…

Read more →

They can’t mix, can they? Seems like a contradiction to talk about classical project management and the best agile software development methodology ? But let me ask you this: ever feel like traditional project management is great for mapping out…

Read more →

They can’t mix, can they? Seems like a contradiction to talk about classical project management and the best agile software development methodology ? But let me ask you this: ever feel like traditional project management is great for mapping out…

Read more →

Understanding ROPA and DPIA: Key GDPR Concepts for Tech Companies Podcast of this article:       Let’s explore two essential components of GDPR compliance: Records of Processing Activities (ROPA) and Data Protection Impact Assessments (DPIA). ROPA provides a comprehensive…

Read more →

Understanding ROPA and DPIA: Key GDPR Concepts for Tech Companies     Let’s explore two essential components of GDPR compliance: Records of Processing Activities (ROPA) and Data Protection Impact Assessments (DPIA). ROPA provides a comprehensive overview of your data handling,…

Read more →

I think the entire software development world saw NVIDIA’s CEO saying that the world will stop needing software developers, because they will be replaced by AI. Well, considering that this comes from the guy who sells the core on which…

Read more →

These days businesses are subject to increasing regulatory scrutiny, particularly regarding cybersecurity and operational resilience. Two significant EU regulations, NIS2 (Network and Information Systems Directive 2) and DORA (Digital Operational Resilience Act), outline mandatory requirements for organizations. Failure to comply…

Read more →

In the previous article, we explored how Scrum enables teams to add security to the backlog and prioritize it based on risk. Incorporating security into the SDLC ensures that security is not an afterthought but an integral part of the…

Read more →

I don’t usually write anymore about phishing attempts, but this one draw my attention due to large amount of emails and to variety of websites being used. Of course, I would not write “massive” if I would have received 1-10,…

Read more →

  Agile Software Development: Why It’s Better Traditional development methodologies, such as the Waterfall model, struggle to keep up with the need for quick iterations, frequent releases, and adaptability to changing requirements. Agile software development addresses these challenges by emphasizing…

Read more →

  Agile Software Development: Why It’s Better Traditional development methodologies, such as the Waterfall model, struggle to keep up with the need for quick iterations, frequent releases, and adaptability to changing requirements. Agile software development addresses these challenges by emphasizing…

Read more →

The recent outage caused by Crowdstrike’s faulty update has create a lot of discussions. I wrote a post on LinkedIn where I asked the readers why are IT professionals using Crowdstrike on some systems that shouldn’t be in need of…

Read more →

The recent outage caused by Crowdstrike’s faulty update has create a lot of discussions. I wrote a post on LinkedIn where I asked the readers why are IT professionals using Crowdstrike on some systems that shouldn’t be in need of…

Read more →

Introduction ISO 27001:2022 and TISAX VDA ISA 6.0 are two prominent standards in the realm of information security management, particularly within the automotive industry. While ISO 27001 provides a global framework for establishing, implementing, maintaining, and continually improving an information…

Read more →

Introduction SOC 2 (Service Organization Control 2) certification is a framework designed by the American Institute of CPAs (AICPA) to help organizations manage customer data based on five Trust Service Criteria: , confidentiality,processing integrity, availability, security and privacy. This certification…

Read more →