Cybersecurity blog

News, articles and thought leadership.

Stay up to date

CyberSecurity threats

Allowing remote access, whether it is for remote workers or partners, is required for almost all enterprises. Especially since the big shift towards remote work of the past couple of years. But enabling remote access doesn’t just bring flexibility; it comes with a number of security concerns. Cybercriminals have honed in on the vulnerabilities of widely used remote work technologies. What are those technologies and what are those vulnerabilities?
An image of cybersecurity heroes in Hollywood.
Hollywood has a knack for dramatizing the digital battlefield. Let’s peel back the Hollywood façade and shine a light on what cybersecurity really looks like in the command centers of SOCs and CSIRTS.
A Cyber Security Incident Response Team is the emergency room of cybersecurity. You don’t want to need one, but once something bad happens, the ER doctors might just save your life. You don’t want to need critical incident response, but once a cyber incident occurs, you’ll be glad you have a team ready.
Effectively dealing with critical security incidents that potentially have a major impact on the business of our customers is the essential function of the ON2IT 24/7 Security Operations Center (SOC). Time is of the essence, and it is vitally important to know what to do and how to act. ON2IT’s Cybersecurity Incident Response Team (CSIRT) … Read more
This may sound extreme to some, but once the national legislations around the Network and Information Systems Directive 2 (NIS2) are finalized, this can become your reality. NIS2 has been in effect since January 2023, with a deadline of October 2024 for EU member states to publish and implement policy. Not only does NIS2 dictate … Read more
An image of coins under the text 'How Zero Trust as a Service reduces the cost of a data breach'
Multiplying these factors gives a numerical depiction of risk, aiding in its prioritization and management. For instance, a high-impact but low-likelihood event might be deemed acceptable. Yet, an event with moderate impact and high likelihood could be perceived as riskier. Real-world risk assessment is, of course, more intricate than this formula alone. Variables, dependencies, and … Read more

Zero Trust

The thing is, many companies don’t stop to think about the status of their cybersecurity until a problem arises. Whether it’s a sudden transition to remote work or the abrupt implementation or alteration of compliance guidelines, the moment to then start thinking about your cybersecurity will already have passed. With these significant and abrupt transformations, … Read more
In part II, John shares insights into both his experience working at Forrester and his contribution to the President’s National Security Telecommunications Advisory Committee (NSTAC) Draft on Zero Trust and Trusted Identity Management.  He also highlights an unexpected but important consequence to Zero Trust.
He touches topics such as ‘how do the organizations overcome barriers to adopting and implementing Zero Trust’ and dives deeper into how Zero Trust is a Strategy and not a technology or product. Kindervag emphasizes that Zero Trust is incremental, protecting one surface at a time and emphasizes that enterprises don’t need to protect all … Read more
The world of cybersecurity continues to have a battlefield littered with sucking chest wounds that go untreated. We are too passive. Too afraid of action. Too intimidated to do the right thing for our organization. There are a ton of excuses for this…
The increasing popularity of Zero Trust means that more and more is written about it. Unfortunately, the many online publications show that there are quite a few misgivings – and that not everyone understands what exactly is the purpose of Zero Trust.

Business & Technology

The MGM Resorts attack Hotel and entertainment giant MGM Resorts has been left dealing with serious consequences after a cyber-attack that kicked off with a fraudulent call to their service desk. The attack has reportedly led to outages of their internal networks, ATMs, slot machines, digital room key cards, and electronic payment systems. Even TV … Read more
Plano (US) – ON2IT, a leading provider of managed cybersecurity services, announces the addition of the CISA Zero Trust Maturity Model into its Zero Trust as a Service platform, AUXO™.  Organizations can use ON2IT’s Zero Trust as a Service platform to strengthen cyber defenses and easily embrace Zero Trust.  With cyber threat growth in volume … Read more
Why did Log4j have such an impact? But, although Log4j and follow-up attack vectors are still a real threat for many organizations, it’s certainly not too early to draw lessons learned from this episode. What made Log4j different from other ‘classic’ 2021 vulnerabilities such as Citrix, Kaseya, and Hafnium (Exchange) is the fact that it … Read more
They also know that, somewhere in the office, there is a supplies rack on which there is this nice cardboard box with product X. That nice cardboard box is there for one simple reason: to be able to affirmatively answer the question of “do you have checkbox alpha?”. However, it’s in a cardboax box on … Read more