Black belt or paper tiger? Danish security professionals are debating the topic of Trusted Introducer certifications in an article in Version2.dk.
Executive Partner at itm8/Improsec, Martin Kofoed, comments on the topic, stating that “all security teams should have this certification as a proof of relevant maturity in the handling of cyber attacks”.
All too often the itm8/Improsec CSIRT team witnesses a lack of experience and maturity in the handling of the cases they are called into. A lack of documented and well-tested procedures can be the crucial difference between a safe recovery and a devastating outcome for an organisation hit by a cyber attack. This is also why the coming NIS2 directive sets out demands on this exact point, hence the ENISA adoption of the SIM3 framework as a reference for measuring organisational maturity in the handling of security incidents.
Read the article for more insights on Trusted Introducer and SIM3
Improsec merging into 'one itm8'
Take a stance on cyber security and strengthen your IT security
Denmark's cyber crime threat is at its highest level. In a new article in Børsen and Berlingske today, COO Per Silberg Hansen and CEO Martin Kofoed urge businesses to “take a stand on cyber security” by understanding the evolving threat landscape, maintaining good cyber hygiene, and not treating cyber security as a mere paperwork exercise.
“The cyber threat is the area that often poses the greatest risk for companies today, and at the same time it's the area where management and board of directors know the least. It's a dilemma for top management who sit with the direct responsibility,” says Per Silberg Hansen.
Ultimately, companies must actively maintain robust cyber hygiene, and make cyber security a strategic priority rather than a mere formality to ensure their continued operation.
Increasing cyber crime forces SMEs to increase their requirements to business partners
No business is too small to be hacked. In a new article published in Market Connect, CEO Martin Kofoed describes the increasing trend of hackers targeting small to medium-sized businesses and small hosting providers.
"We are seeing more and more examples of the hackers targeting hosting providers and data centres to shut down. Many small and medium-sized companies have stored their data here, and the SME segment is therefore extra vulnerable to these attacks," says Martin.
As Martin explains, many small to medium-sized businesses (SMBs) do not have the knowledge and resources to demand security requirements from their business partners, or to contain an attack. Therefore, an attack might often force a company to close completely.
Read the full article (also available in Danish) to understand why cyber threats are a growing concern for SMBs.
Tomorrow's talents must choose with their heart
A passion for continuous learning is the most important qualification for an IT security job. Passion can’t be taught, but security can. As our Improsec CEO Martin Kofoed explains in a new editorial in IT Watch, the most important skill for a successful IT security career is motivation.
“IT security is a way of life and if you don't have a deep curiosity or driven by motivation, you will never be among the best.”
Martin clarifies that IT security is a fast-moving field: “There is no point in going for a technical education or a specific direction in relation to what employers are focusing on and demanding in autumn 2023. Because by spring the focus may have changed.”
Read the full editorial here (also in Danish).
Improsec is proud to announce our accreditation by Open CSIRT Foundation as the first commercial listed CSIRT out of Denmark.
Improsec is proud to announce our membership in FIRST.
Ransomware - What have we learned 5 years since NotPetya
Five years have passed since the NotPetya attack forever changed the cyber threat landscape: leaked NSA tools came into the hands of threat actors, and ransomware moved from user context to full domain takeover. This game-changing event taught us that we can’t rely solely on backup and restore, but instead need a dedicated prevention effort and intelligence-based patch management. But are we actually implementing these learned lessons? Are we working smarter now?
In this blog Martin Kofoed revisits his early 2017 ransomware article and discusses what has changed and what we have learned since then.
TIBER and Red Team Testing Methodology
You have seen the terms, but have you wondered what TIBER, red teaming or APT are exactly? Or maybe you are already familiar with these terms but are curious how these methods can add value to your organization? Then this blog has all the answers. Martin explains in plain language the difference between a red team and a purple team. He also provides a breakdown of a red team test and what kind of documentation to expect from a test. If you are interested in learning more about operational and offensive security, then this blog is for you.