Black belt or paper tiger? Danish security professionals are debating the topic of Trusted Introducer certifications in an article in Version2.dk.
Executive Partner at Itm8/Improsec, Martin Kofoed, comments on the topic, stating that “all security teams should have this certification as a proof of relevant maturity in the handling of cyber attacks".
All too often the itm8/Improsec CSIRT team witnesses a lack of experience and maturity in the handling of cases, they are called into. Lack of documented and well-tested procedures can be the crucial difference between a safe recovery or a devastating outcome for the organisation hit by cyber attacks. This is also why the coming NIS2 directive sets out demands on this exact point, hence the ENISA adoption of the SIM3 framework as a reference for measurement of organisational maturity in the handling of security incidents.
Read the article for more insights on Trusted Introducer and SIM3
Improsec merging into 'one itm8'
Parlez-vous cyber?
Geopolitical instability continues to have far-reaching consequences on the global stage, including the cyber security landscape. These dynamics can directly impact your organization's security strategies and therefore should be reflected in security awareness.
In this new cyber blog, Strategic Cyber Risk Advisor Hans Larsen explains the significance of including geopolitical contexts in your cyber security awareness approach and how small changes to awareness can have a big impact.
Read the full blog to get insights into the importance geopolitics in cyber security awareness culture.
Take a stance on cyber security and strengthen your IT security
Denmark's cyber crime threat is at its highest level. In a new article in Børsen and Berlingske today, COO Per Silberg Hansen and CEO Martin Kofoed urge businesses to “take a stand on cyber security” by understanding the evolving threat landscape, maintaining good cyber hygiene, and not treating cyber security as a mere paperwork exercise.
“𝘛𝘩𝘦 𝘤𝘺𝘣𝘦𝘳 𝘵𝘩𝘳𝘦𝘢𝘵 𝘪𝘴 𝘵𝘩𝘦 𝘢𝘳𝘦𝘢, 𝘵𝘩𝘢𝘵 𝘰𝘧𝘵𝘦𝘯 𝘱𝘰𝘴𝘦𝘴 𝘵𝘩𝘦 𝘨𝘳𝘦𝘢𝘵𝘦𝘴𝘵 𝘳𝘪𝘴𝘬 𝘧𝘰𝘳 𝘤𝘰𝘮𝘱𝘢𝘯𝘪𝘦𝘴 𝘵𝘰𝘥𝘢𝘺, 𝘢𝘯𝘥 𝘢𝘵 𝘵𝘩𝘦 𝘴𝘢𝘮𝘦 𝘵𝘪𝘮𝘦 𝘪𝘵'𝘴 𝘵𝘩𝘦 𝘢𝘳𝘦𝘢 𝘸𝘩𝘦𝘳𝘦 𝘮𝘢𝘯𝘢𝘨𝘦𝘮𝘦𝘯𝘵 𝘢𝘯𝘥 𝘣𝘰𝘢𝘳𝘥 𝘰𝘧 𝘥𝘪𝘳𝘦𝘤𝘵𝘰𝘳𝘴 𝘬𝘯𝘰𝘸 𝘵𝘩𝘦 𝘭𝘦𝘢𝘴𝘵. 𝘐𝘵'𝘴 𝘢 𝘥𝘪𝘭𝘦𝘮𝘮𝘢 𝘧𝘰𝘳 𝘵𝘰𝘱 𝘮𝘢𝘯𝘢𝘨𝘦𝘮𝘦𝘯𝘵 𝘸𝘩𝘰 𝘴𝘪𝘵 𝘸𝘪𝘵𝘩 𝘵𝘩𝘦 𝘥𝘪𝘳𝘦𝘤𝘵 𝘳𝘦𝘴𝘱𝘰𝘯𝘴𝘪𝘣𝘪𝘭𝘪𝘵𝘺" says Per Silberg Hansen.
Ultimately, companies must actively maintain robust cyber hygiene, and make cyber security a strategic priority rather than a mere formality to ensure their continued operation.
The best go where their professionalism is sharpened
Innovative solutions come from fostering a culture of continuous professional development. In a new IT Watch editorial, COO Per Silberg Hansen emphasizes the significance of creating openness and encouraging creativity in the workplace.
Per says; "I have experienced how brilliant solutions have arisen in different and unexpected constellations. In a culture that cultivates open, creative dialogue with constant sparring, employees are curious.”
New knowledge not only benefits the employee, but also the quality of our deliveries to our customers. And Per explains; “The high level of technical competence we have, is only possible because we invest in our consultants’ skills development – and constantly try to support an environment where there is room for learning and development”.
Read the full article (also in Danish) here.
Increasing cyber crime forces SME's to increase their requirements to business partners
No business is too small to be hacked. In a new article published in Market Connect, CEO Martin Kofoed describes the increasing trend of hackers targeting small to medium-sized businesses and small hosting providers.
"𝘞𝘦 𝘢𝘳𝘦 𝘴𝘦𝘦𝘪𝘯𝘨 𝘮𝘰𝘳𝘦 𝘢𝘯𝘥 𝘮𝘰𝘳𝘦 𝘦𝘹𝘢𝘮𝘱𝘭𝘦𝘴 𝘰𝘧 𝘵𝘩𝘦 hackers 𝘵𝘢𝘳𝘨𝘦𝘵𝘪𝘯𝘨 𝘩𝘰𝘴𝘵𝘪𝘯𝘨 𝘱𝘳𝘰𝘷𝘪𝘥𝘦𝘳𝘴 𝘢𝘯𝘥 𝘥𝘢𝘵𝘢 𝘤𝘦𝘯𝘵𝘳𝘦𝘴 𝘵𝘰 𝘴𝘩𝘶𝘵 𝘥𝘰𝘸𝘯. 𝘔𝘢𝘯𝘺 𝘴𝘮𝘢𝘭𝘭 𝘢𝘯𝘥 𝘮𝘦𝘥𝘪𝘶𝘮-𝘴𝘪𝘻𝘦𝘥 𝘤𝘰𝘮𝘱𝘢𝘯𝘪𝘦𝘴 𝘩𝘢𝘷𝘦 𝘴𝘵𝘰𝘳𝘦𝘥 𝘵𝘩𝘦𝘪𝘳 𝘥𝘢𝘵𝘢 𝘩𝘦𝘳𝘦, 𝘢𝘯𝘥 𝘵𝘩𝘦 𝘚𝘔𝘌 𝘴𝘦𝘨𝘮𝘦𝘯𝘵 𝘪𝘴 𝘵𝘩𝘦𝘳𝘦𝘧𝘰𝘳𝘦 𝘦𝘹𝘵𝘳𝘢 𝘷𝘶𝘭𝘯𝘦𝘳𝘢𝘣𝘭𝘦 𝘵𝘰 𝘵𝘩𝘦𝘴𝘦 𝘢𝘵𝘵𝘢𝘤𝘬𝘴" says Martin.
As Martin explains, many small to medium-sized businesses (SMBs) do not have the knowledge and resources to demand security requirements from their business partners, or to contain an attack. Therefore, an attack might often force a company to close completely.
Read the full article (also available in Danish) to understand why cyber threats are a growing concern for SMBs.
Tomorrow's talents must choose with their heart
A passion for continuous learning is the most important qualification for an IT security job. Passion can’t be taught, but security can. As our Improsec CEO Martin Kofoed explains in a new editorial in IT Watch, the most important skill for a successful IT security career is motivation.
“𝘐𝘛 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘪𝘴 𝘢 𝘸𝘢𝘺 𝘰𝘧 𝘭𝘪𝘧𝘦 𝘢𝘯𝘥 𝘪𝘧 𝘺𝘰𝘶 𝘥𝘰𝘯'𝘵 𝘩𝘢𝘷𝘦 𝘢 𝘥𝘦𝘦𝘱 𝘤𝘶𝘳𝘪𝘰𝘴𝘪𝘵𝘺 𝘰𝘳 𝘥𝘳𝘪𝘷𝘦𝘯 𝘣𝘺 𝘮𝘰𝘵𝘪𝘷𝘢𝘵𝘪𝘰𝘯, 𝘺𝘰𝘶 𝘸𝘪𝘭𝘭 𝘯𝘦𝘷𝘦𝘳 𝘣𝘦 𝘢𝘮𝘰𝘯𝘨 𝘵𝘩𝘦 𝘣𝘦𝘴𝘵.”
Martin clarifies, that IT security is a fast-moving field; “𝘛𝘩𝘦𝘳𝘦 𝘪𝘴 𝘯𝘰 𝘱𝘰𝘪𝘯𝘵 𝘪𝘯 𝘨𝘰𝘪𝘯𝘨 𝘧𝘰𝘳 𝘢 𝘵𝘦𝘤𝘩𝘯𝘪𝘤𝘢𝘭 𝘦𝘥𝘶𝘤𝘢𝘵𝘪𝘰𝘯 𝘰𝘳 𝘢 𝘴𝘱𝘦𝘤𝘪𝘧𝘪𝘤 𝘥𝘪𝘳𝘦𝘤𝘵𝘪𝘰𝘯 𝘪𝘯 𝘳𝘦𝘭𝘢𝘵𝘪𝘰𝘯 𝘵𝘰 𝘸𝘩𝘢𝘵 𝘦𝘮𝘱𝘭𝘰𝘺𝘦𝘳𝘴 𝘢𝘳𝘦 𝘧𝘰𝘤𝘶𝘴𝘪𝘯𝘨 𝘰𝘯 𝘢𝘯𝘥 𝘥𝘦𝘮𝘢𝘯𝘥𝘪𝘯𝘨 𝘪𝘯 𝘢𝘶𝘵𝘶𝘮𝘯 2023. 𝘉𝘦𝘤𝘢𝘶𝘴𝘦 𝘣𝘺 𝘴𝘱𝘳𝘪𝘯𝘨 𝘵𝘩𝘦 𝘧𝘰𝘤𝘶𝘴 𝘮𝘢𝘺 𝘩𝘢𝘷𝘦 𝘤𝘩𝘢𝘯𝘨𝘦𝘥.”
Read the full editorial here, (also in Danish).
Claus Vesthammer forlader Improsec
Claus Vesthammer forlader Improsec. Claus, der har været med på rejsen næsten siden it-sikkerhedsvirksomheden Improsecs start i 2015, har nu valgt at forlade virksomheden.
Claus Vesthammer, der er en af de tidligere ejere i Improsec, begrunder sit valg med, at han har været med til at bringe Improsec frem til den markedsledende position, virksomheden har i dag, og føler nu, at tiden er inde til andre og nye udfordringer.
Don't buy (or sell) the cyber cat in the bag
Companies are only as strong as the weakest link. So why would a company willingly merge with a weaker company? Because they did not consider cyber due diligence.
There are several examples of M&As where a cyber-attack that took place after a purchase was made, and the merger was completed, brought down both companies.
What should you look for as a potential buyer or investor? Find out in this article by Per Silberg Hansen, Director of Strategic Cyber Risk Advisory.
Risk Revamp 2.0
The financial sector is a complex web of institutions, markets, and instruments that are all interconnected. This means that what happens in one part of the financial system can have ripple effects across the entire system. The recent downfall of Credit Suisse and Silicon Valley Bank has people in the financial sector reflecting on this interconnectedness and the necessity of effective risk management strategies. In this blog Strategic Cyber Risk Advisor Hans Larsen describes how risk management is trending again in the top circles of finance companies, but that there is a danger that not all types of risk are being addressed.
IT SECURITY MUST NOT BECOME A PAPER EXERCISE
“I don’t have an airbag in my car because the law dictates it, but because the airbag can save my life in an accident” explained Director of Technical Cyber Risk Advisory Thomas Wong, who together with CEO Martin Kofoed described to Børsen the importance of making real improvements to IT security rather than just ticking checkboxes to avoid fines on government requirements.
With the EU launching directives such as GDPR and NIS2, which force stricter requirements for companies’ IT security, there is a risk that these mandates just become paper exercises. But with a holistic approach, which includes technical, operational testing, and strategic understanding from top management, real improvements to companies' IT security can prevent future attacks.
This blog post is an English translation of an article published in Børsen and includes a link to the original Danish.
Most commonly found vulnerabilities
What vulnerabilities do we find most commonly during red team engagements? This is a common question our security advisors get asked.
The answer might not surprise you. However just because a vulnerability is commonly known, doesn’t mean it is commonly solved. Common vulnerabilities consisting of misconfigured services and open network shares are difficult to detect because they are ‘working as designed’.
Learn about five common vulnerabilities and their potential mitigations, including which shortcuts and default settings should be avoided in this blog.
The Metaverse and Cyber Security: What's the Catch?
The metaverse is quickly developing as the newest space for collaboration and socialization. While AR and VR users are immersed deeper into a virtual environment, the virtual environment can now affect more on the real world.
As new regulations have not yet been made for these new technologies, the metaverse’s many new privacy and security concerns could cause major damage to organizations and individuals. Learn what Strategic Cyber Risk Advisor Hans Larsen highlights as common security challenges for the future in this blog.
Improsec is proud to announce our accreditation by Open CSIRT Foundation as the first commercial listed CSIRT out of Denmark.
Improsec is proud to annouce our membership in FIRST
Erfaren sikkerhedsekspert bliver ny CEO i førende dansk sikkerhedshus
Improsec A/S, der er førende i Danmark inden for Cyber Security, får ny CEO. Martin Kofoed, der kommer fra en intern stilling som Director for Cyber Defence, overtager fra 14. oktober det samlede ansvar for virksomheden. Han vil holde fokus på at bevare den unikke kultur, fastholde førerpositionen som uafhængig sikkerhedsrådgiver og fortsat rekruttere og udvikle de dygtigste talenter indenfor Cyber Security i Danmark.
Cyber security is an organizational challenge, not just a technical issue
Although cyber security is a hot topic in board meetings right now, it is easy to focus on technical solutions and leave out critical questions regarding recovery plans and responsibility.
When advising large organizations, Strategic Cyber Risk Advisor Hans Larsen often experiences board members unsure of their role during an adverse event.
In this new cyber blog Hans writes out the three crucial questions that all C-Level managers should be asking to prevent a breach from becoming a total disaster.
Zero Vulnerabilities ≠ Safe
How can a company regularly receive vulnerability reports with ZERO vulnerabilities found and still get attacked? Director of Technical Cyber Risk Advisory Thomas Wong addresses a common misconception about vulnerability assessments and describes how internal threats can be equally, if not more, dangerous in this new cyber blog.
Ransomware - What have we learned 5 years since NotPetya
Five years have passed since the NotPetya attack forever changed the cyber threat landscape where NSA leaked tools came into the hands of threat actors and ransomware moved from user context to full domain takeover. This game-changing event taught us that we can’t rely solely on backup and restore, but instead need a dedicated prevention effort and intelligence-based patch management. But are we actually implementing these learned lessons? Are we working smarter now?
In this blog Martin Kofoed revisits his early 2017 ransomware article and discusses what has changed and what we have learned since then.
TIBER and Red Team Testing Methodology
You have seen the terms, but have you wondered what TIBER, red teaming or APT are exactly? Or maybe you are already familiar with these terms but are curious how these methods can add value to your organization? Then this blog has all the answers. Martin explains in plain language, the difference between a red team and a purple team. He also provides a breakdown of a red team test and what kind of documentation to expect from a test. If you are interested in learning more about operational and offensive security then this blog is for you. LINK