2023

Do you really need a dedicated SOC for the OT-environment?

If you adhere strictly to the Purdue model, your OT environment will consist exclusively of the essential devices required for seamless factory operations, effectively mitigating IT-related threats. However, as is often the case, theory and practice diverge. In reality, the situation is more intricate. Let’s delve into the myriad facets of this issue to help you determine the optimal approach for your environment.

September 17, 2023

The question is not if but when

In today’s interconnected and digitized landscape, the inevitability of cyberattacks has transformed the question from a matter of ‘if’ to a matter of ‘when’. This paradigm shift underscores the critical importance of cybersecurity preparedness in the modern world. The notion that organizations and individuals will eventually experience a breach has compelled a shift from a reactive approach to a proactive and strategic stance in safeguarding digital assets.

August 27, 2023

Can ChatGPT take over the role as a use case developer?

Currently, many people are talking about ChatGPT and how it will affect everybody’s life. Some (including me) are also investigating it. Therefore, let’s put it to the test. Does ChatGPT know how to find the right and relevant information to design and implement a use case around a password spray attack? Put differently, can ChatGPT replace the use case developer?

May 21, 2023

Can you piece back the puzzle of the timeline?

Sooner or later, the environment you are responsible for will be hit by a security incident. Small or big. But no matter how significant the incident is, the high-level steps to remediate the incident are the same. Identification, containment, eradication, and post-mortem. And each of these steps has one thing in common. The timeline. In order to contain the incident, you need to find both Patient Zero and Moment Zero. Most people are familiar with the term Patient Zero. But what is Moment Zero?

April 22, 2023

Judgment day: are you ready for it?

If you are a security professional, you know this day is coming. The day the security is breached. And you think you have all the relevant processes and procedures in place. Let’s zoom out a little bit. According to NIST, a security incident has five distinct phases: identification, containment, eradication,...

March 26, 2023

Do you have an effective cyber hunting team?

In cybersecurity, everything is evolving rapidly. It is an ongoing battle between adversaries and defenders. And the terrible thing is, the defenders indeed drew the short end of the stick. They need to defend against any type of threat while the adversary has the time and can sharpen and perfect his threat. Therefore, the logical question is ‘How do you keep up with the developments of the adversaries?’

March 12, 2023