Ordering Technology Off a Government Organization

I guess we all read the news of President Trump ordering governmental organizations to migrate off any Kaspersky security software ASAP. This is basically an interesting move as it highlights the challenges regarding supply chain security, however, is this an effective was to protect an organization? I hope President Trump and/or his advisors consider a…

Council of Europe Octopus Conference- Some Thoughts

l am still sitting in the parliament room of the Council of Europe at the celebration event for the Budapest Convention. It was another very good event advancing the challenges fighting Cybercrime. Let me try to summarize a few thoughts: The Budapest Convention is probably the best convention out there allowing a wide adoption of…

How Microsoft Uses File Classification Infrastructure

Quite a while ago, I blogged about the File Classification Infrastructure in Windows Server 2008 R2: File Classification Infrastructure in Windows Server 2008 R2 File Classification Infrastructure:More content In my opinion, this is an interesting tool, built in to your server platform. Now, we just published a paper about how we use this File Classification…

Mutual Authentication in Real Life–Launching a Nuclear Missile…

A few years ago, I wanted to run an exercise with our incident response team in Switzerland. A customer, the government and me came together to develop the goals and the scenario. One of the key question we tried to answer together with the university, which we wanted to use as observers was, whether we…

Stuxnet talks – do we listen?

Stuxnet is a severe threat – that’s something we know for sure. But if we look at it – what do we really know? What can we learn? Let’s start from the beginning. As soon as Stuxnet hit the news, it was interesting to see, what was happening. There was a ton of speculation out…

Customer Experience: Security Can Improve in the Cloud

Last week, when I was in South Africa, a partner of us pointed me to a very interesting paper by KPMG called Cloud computing: Australian lessons and experiences. What I like is, that a lot of the items I was recently raising, where actually reflected in quotes by customers of Cloud providers as well as by the general findings of the study.
The final conclusion is to me that there are a lot of security benefits moving to the Cloud.

The Importance of International Collaboration–Even in Exercises

One of the biggest challenges in Critical Infrastructure Protection or Incident Response is collaboration. Collaboration between the public and the private sector as the private sector is most often running the critical infrastructure; collaboration between different governments as well as incidents do not tend to stop at a country’s border. Now, planning for such a…