Richard de Vries

2023

When was the most recent instance in which you performed OSINT on yourself?

In our ever more interconnected and digital world, it might, at first, appear counterintuitive to champion the practice of conducting OSINT on the very company you are entrusted to safeguard. However, this seemingly paradoxical notion underscores a fundamental truth in the realm of cybersecurity and corporate defense — if you can access information about your organization through OSINT techniques, so too can malicious actors with potentially nefarious intent.

November 5, 2023

Hey data scientist, are you really listening to the security data?

Protecting your company against the evolving landscape of both current and past threats is a formidable challenge, one that some consider insurmountable. However, it’s crucial to remember that while it may be a daunting task, it should not be perceived as impossible. In fact, it’s imperative to recognize that modern security strategies need to adapt to the ever-changing nature of cyber threats. This adaptation relies on the effective utilization of data generated by security controls, a process that transforms raw data into actionable events.

October 29, 2023

The ‘lazy’ SOC model

In the contemporary landscape, the paramount importance of security is becoming increasingly evident, casting a spotlight on the escalating workload of the SOC. This burgeoning workload is characterized not only by a surge in the sheer volume of requests and inquiries but also by the growing intricacy of security challenges. In this dynamic environment, when a security incident unfolds, there is an implicit expectation for the SOC to respond promptly and with pinpoint accuracy. Simultaneously, the SOC grapples with a persistent conundrum exacerbated by a global shortage of highly skilled security professionals — recruitment and retention.

October 22, 2023

The importance of having a data scientist team in Cyber Security Center

Numerous parallels exist between the strategic board game ‘Stratego’ and the operation of a Cyber Operation Center. In ‘Stratego,’ you engage in one-on-one gameplay, but within the Cyber Security Center, you’re navigating multiple games simultaneously. Your objective remains steadfast: safeguard the flag for as long as possible, while adversaries relentlessly pursue its conquest. The distinguishing factor lies in the dynamics of these engagements. While you’re simultaneously managing multiple fronts, your adversaries can opt to focus on one game at a time. At first glance, this might appear unequal, almost like an unfair contest. However, it shouldn’t be.

October 16, 2023

AI and Security: A Perfect Union?

Artificial Intelligence, commonly referred to as AI, has undeniably become the prevailing marketing buzzword in recent times. The excitement surrounding AI is palpable, and it has captured the imagination of industries and individuals alike. However, the crucial question is whether AI can truly live up to these soaring expectations. In my view, the answer is a cautious one; the current state of AI, though promising, still carries certain limitations due to its emerging and relatively immature nature.

October 15, 2023

Death by SLA

In every organization that has embraced the ITIL framework, the emergence of the term SLA is an inevitable milestone, and it often marks the beginning of a challenging journey. The process of crafting a well-defined SLA that is comprehensible and agreeable to all involved parties can be an arduous undertaking, particularly when attempting to articulate it in a language that is not your native tongue.

October 1, 2023

The 98%-rule

Initiating a project to implement a security control is a critical undertaking in any organization’s cybersecurity strategy. However, it often raises a fundamental and seemingly straightforward question: “When can we consider this security control fully implemented?” This query, though seemingly simple, is anything but, as it entails a multifaceted evaluation that requires careful consideration of various elements.

September 24, 2023

Do you really need a dedicated SOC for the OT-environment?

By adhering strictly to the Purdue model, your OT environment will exclusively consist of essential devices required for seamless factory operations, effectively mitigating IT-related threats. However, as is often the case, theory and practice diverge. In reality, the situation is more intricate. Let’s delve into the myriad facets of this issue to help you determine the optimal approach for your environment.

September 17, 2023

MTTC – The only KPI that matters

MTTC is the critical KPI that holds immense significance in the constantly shifting landscape of cybersecurity. This metric essentially functions as a litmus test, providing an insightful measure of an organization’s prowess in promptly identifying and efficiently mitigating cybersecurity incidents or breaches once they have successfully bypassed the organization’s digital defenses. The significance of MTTC is underscored by the relentless proliferation and escalating sophistication of cyber threats, which have collectively conspired to make achieving this KPI an increasingly formidable endeavor.

September 3, 2023

Inside the Shadows

Ethan Walker, a once-committed IT specialist at Vanguard Financial, has become disillusioned with his role, feeling underappreciated and sidelined by corporate bureaucracy. When approached by a shadowy hacking group known as The Syndicate, he impulsively agrees to subtly weaken Vanguard’s security infrastructure. His small acts of sabotage set the stage for a destructive ransomware assault by The Syndicate, aimed at crippling Vanguard’s finances and reputation.

September 1, 2023