Article Cybersecurity ECS Educational

Authentication vs. Authorization

These two fundamental concepts play a pivotal role in ensuring the integrity and security of digital systems. While these terms are often used interchangeably, they represent distinct and equally essential aspects in the world of identity and access management (IAM), which safeguards sensitive information and resources . Executive summary Authentication confirms that users are who they […]

Cybersecurity ECS Educational NIS2 Security

Demystifying cybersecurity terms: Policy, Standard, Procedure, Controls, Framework, Zero Trust

I am often asked what is the difference between Policy, Standard, Procedure in cybersecurity. Well, here it is: 1. Cybersecurity Standard A cybersecurity standard is a set of guidelines, criteria, or best practices that organizations follow to ensure that their security controls and procedures align with industry standards or regulatory requirements. Standards provide a benchmark […]

Cybersecurity ECS Educational General NIS2

NIS2: 3.Establish a cybersecurity framework

We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the 3rd  step in implementing the requirements of the directive is to establish a cybersecurity framework. If you haven’t read what a cybersecurity framework means, then you should read article: https://www.sorinmustaca.com/demystifying-cybersecurity-terms-policy-standard-procedure-controls-framework/ .   Establishing a cybersecurity framework is critically important for organizations of all sizes and types because it is […]

Automotive Cybersecurity ECS Educational NIS2

How to implement an Information Security Management System (ISMS)

We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the 3rd  step in implementing the requirements of the directive is to establish a cybersecurity framework. If you haven’t read what a cybersecurity framework means, then you should read article: https://www.sorinmustaca.com/demystifying-cybersecurity-terms-policy-standard-procedure-controls-framework/ . An ISMS is typically based on the ISO 27001 standard, which provides a framework for establishing, implementing, maintaining, […]

Cybersecurity ECS Educational NIS2

NIS2: 2.Designate a responsible person or team

We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the second step in implementing NIS2 requirements is to designate a responsible person or team. Appointing an individual or a team responsible for overseeing the implementation of the NIS2 directive within your company is critical to ensure its success. NIS2 implementation and compliance is a project, and as any project must […]

Automotive Cybersecurity ECS Educational General NIS2 Security

How-To: NIS2 EU Directive

The NIS2 Directive is a European Union legislative text on cybersecurity that supersedes the first NIS (Network and Information Security) Directive, adopted in July 2016. NIS vs. NIS2 While the first NIS (Network and Information Security) Directive increased the Member States’ cybersecurity capabilities, its implementation proved difficult, resulting in fragmentation at different levels across the […]

Automotive Educational General IoT

Secure Booting for Embedded Devices: Safeguarding Systems from Intrusions

This is the second article in the series about embedded devices security, started with Strengthening the Security of Embedded Devices Embedded devices are specialized computing systems designed to perform specific tasks or functions within a larger system. Unlike general-purpose computers, embedded devices are typically integrated into other devices or systems and are dedicated to carrying […]