Skip to main content

Author: Ensec-2021

Crisis exercises as the key to greater cyber resilience

Written on . Posted in Governance, Risk & Compliance.

Cybercrime poses a serious and constantly growing threat to companies. According to the study “The State of Ransomware 2024” by Sophos, 59% of the Swiss companies surveyed were affected by ransomware last year alone. A successful ransomware attack can quickly lead to an existential crisis in which the survival of the entire organisation is at stake. The consequences of ransomware attacks: a real risk The financial and operational consequences of such attacks are serious and, in the worst case, can even lead to bankruptcy. This is shown by the example of “Change...

Continue reading

Data protection and ISMS for SMEs

Written on . Posted in Hot Topic!.

In today’s data-driven, digitally networked world, protecting sensitive information is a top priority. In order to meet this challenge in practice, companies are forced to reconcile information security and data protection. More and more companies are introducing an information security management system (ISMS) and supplementing it with special measures for data protection. In this way, they protect all data – regardless of whether it is personal or not. Practical relevance Data protection is there to ensure that companies handle all personal data – be it...

Continue reading

SASE – Network security simplified

Written on . Posted in Hot Topic!, Managed Security Services.

According to an analysis by Gartner, the SASE market is expected to grow by around 30% per year over the next three years. The reasons cited are the trend towards secure working “from everywhere”, customers’ desire for solutions that cover multiple functions and the converging development of the SD-WAN and SSE market towards similar offerings. So it’s high time to take a closer look at this technology. What is SASE? SASE stands for Secure Access Service Edge. It is a network architecture that combines network security features with wide area network (WAN)...

Continue reading

AI is eating the world – challenges in the corporate context

Written on . Posted in Governance, Risk & Compliance, Hot Topic!.

“Human history is characterised by waves of innovation that change everything like an unstoppable tsunami – the agricultural revolution, the steam engine, the internet. Artificial intelligence is the next big wave, the coming wave that is rolling towards us, and we are not prepared for it.” Mustafa Suleyman “The Coming Wave” This is the blurb in Suleyman’s book. In his book, Suleyman, co-founder of Deepmind and Inflection AI, highlights the opportunities and risks of artificial intelligence and warns urgently against the loss of control....

Continue reading

New Swiss Data Protection Act

Written on . Posted in Data Protection Act.

It is not yet clear when the new Swiss Data Protection Act will come into force. It is expected to come into force in mid-2022. However, its purpose is clear: it is intended to strengthen the protection of the personality and fundamental rights of natural persons.

Continue reading

EDR and XDR

Written on . Posted in Endpoint Security.

Integration of the XDR into the system landscape Increasing complexity in information processing opens up more and more options for cyber criminals to gain access to data and systems. The current cybersecurity response to this threat is XDR (Extended Detection and Response) and EDR (Endpoint Detection and Response). In order for the XDR solution to be able to correlate all relevant information, full integration into the system landscape is required. Log data from (cloud) applications, infrastructure systems such as gateways and proxies as well as external threat intelligence...

Continue reading

SME @ Risk

Written on . Posted in Hot Topic!.

Software vulnerabilities, ransomware, new data protection rules and dependencies on cloud providers – the growing use of IT is increasing the associated risks and the demands on risk management.

Continue reading

Ransomware

Written on . Posted in Hot Topic!.

Don’t let yourself be blackmailed! The number of registered ransomware attacks has risen sharply in recent years. It is no longer just private individuals who are affected, but also computers in supposedly well-protected company networks.

Continue reading

Security for the IoT in the healthcare sector

Written on . Posted in Operational Technology.

Connecting IoT devices to the clinical network offers clear benefits for hospitals and clinics, but also exposes them to new cyber threats. From infusion pumps, patient monitors and MRI machines to clinical refrigerators, IoT devices are inherently vulnerable and comparatively easy to hack.

Continue reading

Data protection (GDPR)

Written on . Posted in Data Protection Act.

Since the new European data protection regulation GDPR came into force two years ago, several hundred offences have already been punished with fines. The record to date is a sum of around 200 million euros. Swiss SMEs are still unsettled. A German lorry driver had to pay a 200 euro fine because he published dash cam footage on the internet. British Airways is expected to have to pay around 200 million euros due to poor IT security precautions. Cases of GDPR violations that are penalised with fines are piling up. Over 200 cases are publicly known. The fact that 160,000 breaches were...

Continue reading

Risks of using the cloud

Written on . Posted in Cloud Security.

The growing acceptance and use of cloud services over the past few years shows that their advantages (such as scalability and elasticity, billing based on actual usage, worldwide availability) are slowly but surely becoming established in almost all companies and public authorities. At the same time, the security risks of the cloud, such as shadow IT, uncontrolled data outflow (cloud-to-cloud communication), compromised cloud accounts, company data from the cloud on employees’ personal devices or even data protection violations, are real dangers that must be adequately...

Continue reading