Article Cybersecurity ECS Educational General Security

Risk Assessment of AWS services used in building a resilient Web App on AWS

We wrote here in the article “Building Resilient Web Applications on AWS: A Comprehensive Approach to Security” how to use certain AWS services to implement a resilient web based application. The services mentioned require also a brief analysis in respect to Security, Confidentiality, Integrity, Availability and Privacy.   CloudTrail AWS CloudTrail records API calls and creates […]

Article Cybersecurity ECS Educational privacy Security

Evolving beyond your core expertise: it’s time to add security

This post is for creators of digital services like optimization tools,  VPN solutions, Backup and Disaster Recovery tools, Parental control tools, Identity protection tools, Privacy tools, Email clients, Browsers and many others. Your products are doing a good job in the dynamic landscape of digital services, and it is amazing of how much commitment and […]

AI & ML Article Cybersecurity ECS Educational General News privacy Security

Balancing functionality and privacy concerns in AI-based Endpoint Security solutions

The integration of Artificial Intelligence (AI) in endpoint security has revolutionized the way organizations protect their devices and data. Ok, let’s take a break here: have you read the article about Artificial Intelligence vs. Machine Learning ?   By leveraging AI and machine learning models that analyze user behavior on devices, organizations can detect anomalies […]

Cybersecurity ECS Educational NIS2 Security

Demystifying cybersecurity terms: Policy, Standard, Procedure, Controls, Framework, Zero Trust

I am often asked what is the difference between Policy, Standard, Procedure in cybersecurity. Well, here it is: 1. Cybersecurity Standard A cybersecurity standard is a set of guidelines, criteria, or best practices that organizations follow to ensure that their security controls and procedures align with industry standards or regulatory requirements. Standards provide a benchmark […]

ECS General Security

NIS2: 1. Perform a gap analysis

We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the first step in implementing NIS2 requirements is to perform a gap analysis.   The most critical part when performing a gap analysis is to define upfront against which standard or security framework are you comparing the existing situation. It is usual when performing a gap analysis of security maturity […]

Automotive Cybersecurity ECS Educational General NIS2 Security

How-To: NIS2 EU Directive

The NIS2 Directive is a European Union legislative text on cybersecurity that supersedes the first NIS (Network and Information Security) Directive, adopted in July 2016. NIS vs. NIS2 While the first NIS (Network and Information Security) Directive increased the Member States’ cybersecurity capabilities, its implementation proved difficult, resulting in fragmentation at different levels across the […]

Article Cybersecurity ECS General Security

The Importance of Training Employees in Cybersecurity

In today’s increasingly interconnected world, cyber threats pose a significant risk to businesses of all sizes. As technology advances, cybercriminals become more sophisticated, making it imperative for organizations to prioritize cybersecurity measures. While investing in robust infrastructure and advanced tools is crucial, one often overlooked aspect is the training of employees. This article aims to […]