What happens when the ON2IT CSIRT jumps into action: A Customer Incident Playback

Prevention should be the holy grail of any cybersecurity strategy, but we know that 100% prevention is not realistic. So, what exactly happens when a serious threat is detected? Using a recent incident as an example, it is enlightening to follow the chain of events that starts when human SOC analysts decide that CSIRT action …

The Dynamic Update of Protect Surface Metadata

In our interconnected digital age, robust cybersecurity is as much about understanding what you’re defending as it is about the intricacies of the defenses themselves. Think of digital assets as a vast castle. Once the walls were vital, but the true value lies inside with the treasures: data, applications, assets, and services. John Kindervag’s evolution …

Cyber Resilience

The silver lining of cyber resilience

In the digital age, where the fabric of our interconnected world is woven with threads of data and technology, the imperative for cyber resilience has never been more urgent. Today’s enterprise architectures stand at a crossroads, facing a storm of targeted cyberattacks that threaten not only their systems, but also the very essence of their …

Hackers only need one unguarded minute. On average, you offer 60-150 days.

Software has vulnerabilities that provide hackers with the opportunity to steal data, install ransomware or sabotage your business. Criminal organizations and intelligence services are willing to pay a lot of money for vulnerabilities that (almost) no one knows about. Big bucks (or rather, cryptos) are paid for these zero-days on the so-called dark web, because they offer you an open backdoor just for you.

The Log4j lessons: so what IS vulnerability management anyway?

In our first Log4j lessons blog, we focused on the necessity of becoming very, very good at patching, and making it a well-documented and automated routine in your IT-environment. This might sound obvious, but many organizations hit serious hurdles in their initial Log4j handling because their patch machine did not start cold. Our main takeaway …

The war situation in Ukraine and cyber threats

On February 24, we sent out a security update on the cybersecurity implications of Russia’s invasion of Ukraine. In this new bulletin, we give you a status update on the most recent developments.