2024

It’s all about the data

A robust monitoring service, integral to the operations of the IT Security department, is contingent upon the seamless and punctual ingestion of event and flow data. The significance of this timely acquisition cannot be overstated, as it forms the bedrock for proactive threat detection, incident response, and overall cybersecurity resilience.

February 16, 2024

2023

Hey data scientist, are you really listening to the security data?

Protecting your company against the evolving landscape of both current and past threats is a formidable challenge, one that some consider insurmountable. However, it’s crucial to remember that while it may be a daunting task, it should not be perceived as impossible. In fact, it’s imperative to recognize that modern security strategies need to adapt to the ever-changing nature of cyber threats. This adaptation relies on the effective utilization of data generated by security controls, a process that transforms raw data into actionable events.

October 29, 2023

The ‘lazy’ SOC model

In the contemporary landscape, the paramount importance of security is becoming increasingly evident, casting a spotlight on the escalating workload of the SOC. This burgeoning workload is characterized not only by a surge in the sheer volume of requests and inquiries but also by the growing intricacy of security challenges. In this dynamic environment, when a security incident unfolds, there is an implicit expectation for the SOC to respond promptly and with pinpoint accuracy. Simultaneously, the SOC grapples with a persistent conundrum exacerbated by a global shortage of highly skilled security professionals — recruitment and retention.

October 22, 2023

The importance of having a data scientist team in Cyber Security Center

Numerous parallels exist between the strategic board game ‘Stratego’ and the operation of a Cyber Operation Center. In ‘Stratego,’ you engage in one-on-one gameplay, but within the Cyber Security Center, you’re navigating multiple games simultaneously. Your objective remains steadfast: safeguard the flag for as long as possible, while adversaries relentlessly pursue its conquest. The distinguishing factor lies in the dynamics of these engagements. While you’re simultaneously managing multiple fronts, your adversaries can opt to focus on one game at a time. At first glance, this might appear unequal, almost like an unfair contest. However, it shouldn’t be.

October 16, 2023

Do you really need a dedicated SOC for the OT-environment?

By adhering strictly to the Purdue model, your OT environment will exclusively consist of essential devices required for seamless factory operations, effectively mitigating IT-related threats. However, as is often the case, theory and practice diverge. In reality, the situation is more intricate. Let’s delve into the myriad facets of this issue to help you determine the optimal approach for your environment.

September 17, 2023

Can ChatGPT takeover the role as a use case developer?

Currently, many people are talking about ChatGPT and how it will affect everybody’s life. Some (including me) are also investigating it. Therefore, let’s put it to the test. Does ChatGPT know how to find the right and relevant information to design and implement a use case around a password spray attack? Put differently, can ChatGPT replace the use case developer?

May 21, 2023