The Hafnium lessons from the ON2IT SOC team

The clock started ticking for the sysadmins of the hundreds of thousands of Exchange servers around the world (and their risk officers or CISOs). Exploits had been seen as early as January, so from March 2 onward the only safe assumption is that an unpatched Exchange server is a breached server.

An EY and ON2IT collaboration: Zero Trust Square Table event

In early February, ON2IT CISO Prof. Yuri Bobbert was a keynote speaker at the ISACA / NOREA Square Table event about Zero Trust Readiness and Fitness. With over 300 participants and professionals from organizations such as ING, Rabobank, UWV, DNB, KPMG, PwC, Volksbank, Van Lanschot, Belastingdienst and Capgemini, the webinar was a big success.

The broken DMZ model

The DMZ model can be found in the physical world, with the DMZ between North and South Korea being the most well-known. The idea of this DMZ is that it is neutral territory. Whenever there needs to be some sort of discussion impacting both parties, they meet in the DMZ. When network operators first started implementing the DMZ model, the idea was the same.

Context is key: the data challenge of cybersecurity

One of the biggest challenges within cybersecurity is how to handle the sheer amount of data. Everyone in the field is familiar with the stories of failed SIEM implementations, because the number of false positives is simply too big for the available IT staff to have enough time and manpower to separate the useful from the useless.

John Kindervag on the next step in Zero Trust

John Kindervag, now Forrester’s best-known security consultant, is the only speaker to present a keynote at all four Bright & Cloudy events since 2013. When in Utrecht, four years ago, the outspoken Texan announced that the traditional way of network security – with its trusted internal network and unreliable