Roger Halbheer on Security
It is one of the acquisitions and investments we do as we know that we – and the market – need absolute top knowhow to leverage digital, the cloud and whatever will come in the near future. Understanding the threat landscape and having answers in the context of a very fast and disruptively moving business…
DetailsBasically the whole discussion about Hillary Clinton’s private mail server and whether it was accurately protected or not has nothing to do with the Internet of Things, right? Almost. Based on this article Did the Clinton Email Server Have an Internet-Based Printer? it seems that a printer accessible through the Internet was attached to the…
DetailsStartups in the Fintech and Cyber area have the potential to really disrupt the business and the way we do security. Therefore, we decided to support the Fintech & Cyber Showcase 2016 – Israel Innovation Effect intensively and out came a great event with interesting startups in these sector. So, if you are interested and…
DetailsI just started to blog on the Accenture Banking Blog as well – it is in German: Problemdenken abschalten – denn mit Sicherheit sind die neuen Banken-Lösungen Angreifern gewachsen
When we talk about security, we often talk about the “assume breach” scenario and therefore about resilience against attacks. When I am on panels talking about resilience, I often talk about resilience in society as well. Today, large parts of Zurich were without power for one hour. It is interesting to see what happened: Shops…
DetailsThat’s pretty clear: Government Wants Access To Data and For The Good Of The Country
Waiting for tomorrow’s episode….
That I think that your supply chain will become one of your key risks is not new. Typically, however, I raise it in the context of a bad guy being able to inject into the supply chain – say the products you buy – and therefore you already install the attack kit. I just read…
DetailsThis is an interesting question about human behavior. Today, most online fraud is refunded by the banks. So rarely, users (victims) have to pay for their behavior. Up to a given point, this makes sense as you do not want to have too many people visiting your physical branches – it is less expensive covering…
DetailsIf you are interested in some impressions of the recent Finance 2.0 event, have a look here: http://www.finance20.ch/official-aftermovie-finance-2-0-conference/ – you will find the official after-event-movie
Unfortunately, we do not see too many women in security – even though there are huge opportunities irrespective of the gender. Over the years, I had the pleasure to work with great women in this business. We will run an event on Thursday, April 28, 2016 at 6.30pm at the Accenture Office in Zurich with…
DetailsYou might be aware of the fact, that I am not a too big fan of classical SIEM tools. In my opinion, they often fail to deliver good results efficiently, deliver too many false positives and need quite a team of engineers to keep the ruleset/use cases current. Typically, I use these environments to monitor…
DetailsDear CEOs, I know that you feel that security is important – something which was not always the case in all the years I am working in the industry. But you changed your mind and this is great. But I know as well that you rarely feel comfortable, when it comes to working with your…
DetailsWhen we talk about the Cloud, encryption is typically not far. There are different challenges with encryption, one of them – besides usability, key management etc – is the loss of functionality. In other words: If we would assume that we can manage the keys with reasonable efforts and the user is able to use…
DetailsThis morning – going through my RSS feeds – I read the following article looking into the latest Juniper backdoors: 4 Juniper Questions Congress Should Be Asking – Did NSA Create a Backdoor in U.S. Networking Giant’s Gear? The article covers the background of the event a bit and then raises four questions: How did…
DetailsI guess we all agree on certain challenges in the future: Our businesses as well as our IT will become more and more digital and therefore security will need to change. The pace of a compliance-based approach will simply be too slow to come up with reasonable solutions in a light of new, dynamic and…
DetailsSometimes I read papers and think that they seem to be fairly good. But this one kind of blew me away – let me give you the reason before I give you the link… There are some constants in my security life: I am deeply convinced that the CSO needs to have a thorough security…
DetailsSeriously? Hard coded password? Someone Just Leaked Hard-Coded Password Backdoor for Fortinet Firewalls
We talked a lot about critical infrastructure protection – especially in the light of failures thereof. Therefore I really like some of the work ENISA does on recommendations for them.
Here is a new one for intelligent public transportation: Cyber Security and Resilience of Intelligent Public Transport. Good practices and recommendations
