How long does it take to establish a security concept?

 Steinkühler:It took two years for Ernst & Young to certify their architecture and the process is ongoing. We had 51 findings in the first attack during a penetration test at Ernst & Young. Of course, we tried to fix them, but after the 13th finding, there was no possible solution, because there were simply too many gaps that could not be closed. We had to accept that there were too many systems in use that were not secure against penetration. Therefore, we completely remodeled the architecture; the simple explanation is that we have built a high wall with encryption and a network controller that also works as a firewall and control point: all websites that may contain links to the outside are re-examined and protected. Our security architecture is like a fort: only a few gates open,


»OUR SECURITY ARCHITECTURE IS LIKE A FORT: ONLY A FEW GATES OPEN. «

Bernd Steinkühler


Correct Power Institute


You have as clients companies from various sectors. Is there a security solution that can be used as a model for all the others?


Bernd Steinkühler: It must always be checked individually. Ultimately, the correct concept must be based on how the data leaves the computational center. The various possibilities must be incorporated in collaboration with the client's security department. In addition, several standards and norms apply. Basic BSI protection is considered the bible of cybersecurity. When taken into account, at least one elementary level of protection has been obtained. The rest must be adapted to individual requirements.


You have as clients companies from various sectors. Is there a security solution that can be used as a model for all the others?

Technicians are well-versed with the brass tacks of the services/products, which they provide support for. If IT Technicians are unable to resolve a problem, it is escalated to the senior team.

Bernd Steinkühler: It must always be checked individually. Ultimately, the correct concept must be based on how the data leaves the computational center. The various possibilities must be incorporated in collaboration with the client's security department. In addition, several standards and norms apply. Basic BSI protection is considered the bible of cybersecurity. When taken into account, at least one elementary level of protection has been obtained. The rest must be adapted to individual requirements.


Comments

Post a Comment

Popular posts from this blog

Discover how to leverage your IT career

 Technologies continue to change the way we live, play and do business. So it should come as no surprise that computing and IT are among the fastest growing careers today - and are set to expand in the coming years. The Brazilian Software Market study - Panorama e Tendência 2019, carried out by the Brazilian Association of Software Companies (ABES), indicated a growth of 6.7% in the global IT market, and in Brazil the sector grew 9.8%, in 2019. The result was well above those achieved between 2017 and 2018. This data gives you an idea of ​​how heated this market is, but do you know how to boost your IT career? Check out some tips in this article! Knowing the IT career in the current scenario This dominance of the IT labor market cited in the introduction is due to several factors. Among them, the rapid growth of the Internet and e-commerce and lower hardware prices, allowing more companies to update their technology. Increased demand for information security experts, spurred by the inc
Read more

What is a DDoS Attack? A Simple Definition

Since we’re all about making technical topics simple, let’s start with a basic answer to the question: What does DDoS mean (a.k.a. “What is a distributed denial of service attack”)? As mentioned above, a DDoS attack is a bit like a traffic jam on a website (but it’s intentionally caused by a hacker). Here’s a simple definition for the meaning of DDoS: A DDoS (distributed-denial-of-service) attack is when a hacker makes a website or other service inaccessible by flooding it with requests from many different devices. If you’ve also heard the term “DoS attack,” don’t let that confuse you. A DDoS attack is just a specific type of DoS (denial-of-service) attack — one that uses multiple computers/devices to attack with. How Does a DDoS Attack Work ? Just like a traffic jam floods a highway with more cars than it can handle, a DDoS attack floods a website with more requests (i.e. visitors) than the web server or other related systems can handle. Many hackers use botnets (a.k.a.
Read more

How to prevent a DDoS?

Keeping yourself protected from DDoS attacks is something that is often easier said than done because of the fact cybercriminals will often stop at nothing to gain unauthorised access to private data, and many international brands such as Netflix, AirBnB, and Spotify have all become victims in the past. In spite of this, there are certain things that can be done in an effort to prevent a DDoS attack from occurring. Denial of service attack definition Firstly, you will need to make sure that any firewalls and routers are configured in the correct manner and applied with up-to-date security patches. Similarly, it’s also worth regularly checking for security updates for your Internet of Things (IoT) devices and adding a password where possible. This is because these devices have been increasingly targeted by hackers in recent years. Doing everything in your power to keep things up to date will ensure that any bogus traffic is promptly rejected during a process whereby network traff
Read more