OT organizations are making progress in hardening their security, but their cyber teams still face significant challenges in securing converged IT/OT environments. Adopting essential tools and capabilities to enhance visibility and protections across the entire network will be vital for these organizations when it comes to reducing the mean time to detection and response.
A glance into how upcoming EU cyber legislative requirements prescribe enhanced approaches to the resilience of digital solutions and its properties with robust supply chain risk management efforts – steering the future of software security and compliance practices.
Last year, 2.3 million Dutch people were affected by a form of online crime, which is associated with huge financial losses, but above all affects trust in each other and in the digital infrastructure, according to the Cybercrime Assessment Netherlands 2024 by the OM and the Police.
CISOs who elevate response and recovery to equal status with prevention are generating more value than those who adhere to outdated zero-tolerance-for-failure mindsets, according to analysts from Gartner.
In a packed Green Village, about 200 security experts got together to celebrate the very first CISODAY.
Missed CISODAY? Get a quick impression so you get the picture!
In this last episode, we talk to Floor van Eijk, CISO at NN Group, and nominated for the CISO of the Year Award 2024. Other guests are jury member Job Voorhoeve (Amrop) and CISODAY partners Boudewijn van Lith (Proofpoint) and Thijs Timmerman (KPMG).
In this episode, we talk to Jan Joost Bierhoff, Global CISO at Heineken, and nominated for the CISO of the Year Award 2024. Other guests are jury member Madelein van der Hout (Forrester) and CISODAY partners Marijn van Overveld (Noesis) and Daan Hakkert (IBM).
In this episode, we talk to Jeroen Schipper, CISO at Gemeente Den Haag, and nominated for the CISO of the Year Award 2024. Other guests are jury member Madelein van der Hout (Forrester) and CISODAY partners Vincent van Kooten (Netskope) and Mark van Leeuwen (Okta).
In this episode, we talk to Lies de Wit, CISO at Stater, and nominated for the CISO of the Year Award 2024. Other guests are jury member Job Voorhoeve (Amrop) and CISODAY partners Ivo van Bennekom (PwC) and Hans van den Boomen (CheckPoint).
In this first episode, we talk to Pieter van Houten, CISO at SHV, and nominated for the CISO of the Year Award 2024. Other guests are jury member Madelin van der Hout (Forrester) and CISODAY partners Mike Remmerswaal (Netskope) and Mark van Leeuwen (Okta). The host is Rob Beijleveld.
The government should actively support the business community in the fight against cybercrime through targeted measures such as investment deductions and reduced VAT rates for security services.
More than a third of all Dutch companies failed a compliance audit in the past 12 months. As a result, they are ten times more likely to suffer a data breach. Ten percent of Duch companies became victim of a ransomware attack. Of all those, four percent paid a ransom.
In March, Gartner revealed its cybersecurity predictions for 2024 and beyond. Its analysts believe generative AI (GenAI) adoption will close the cybersecurity skills gap and reduce employee-driven cybersecurity incidents. They also predict that two-thirds of global 100 organizations will extend directors and officers insurance to cybersecurity leaders due to personal legal exposure.
Over two-thirds of Dutch employees knowingly put the organization at risk, leading to ransomware or malware infections, data breaches or financial loss. More than four in five of the organizations surveyed experienced at least one successful attack by 2023.
On February 29, the central government launched the NIS2 Quick Scan that allows organizations to prepare for the new European NIS2 directive. This directive is aimed at increasing the digital resilience of companies and organizations in the EU.
You frequently see the CISO/Privacy Officer roles combined. I did combine it myself for a while. Even though the two topics overlap, they are also very different. Because the interests (data subjects vs. organization) are apart and also the scope differs from each...
Hackers are invaluable to your organization. They have the time and motivation to fiddle endlessly with a thread until an entire sweater is reduced to a pile of yarn. Whereas pen testers have limited time and are paid by the hour, reporters at a CVD often charge nothing at all. All they want is a T-shirt and an honorable mention. How do you get them to work for you?
The board of CISO Platform Nederland, the non-profit association of CISO community Nederland, is complete: CISOs Dimitri van Zantvliet, Luisella ten Pierik, Mahdi Abdulrazak, Justin Broeders and co-founder Rob Beijleveld officially joined the organization’s board on February 16.
Originally a talk I gave at a lunch meeting with several ZBOs. ZBO stands for independent administrative body. These are the government agencies that have independent governance but belong to a ministry. That this is a complex construction, you will already...
''We are ISO certified and therefore 100% cyber-secure!'' A statement that I think few security experts will endorse. And yet, compliance is an important and sometimes useful tool within information security. With the current laws and regulations, you can't really...
Logging and monitoring. A golden duo. But what exactly is that - logging? And how do you do it properly? I hear a lot of talk about the ''next gen'' solutions like XDR and the ''SIEM is dead.'' But is that really true? If most organizations don't even have their...
Businesses are not the only parties experiencing problems with implementing of the new European guidelines for Network and Information Security (NIS2) and the Critical Entity Resilience Directive (CER). In the Netherlands, the preparations for the consultation on the Dutch implementation of these European directives are already delayed.
''Gives solicited and unsolicited advice'' is often in our job description. Giving advice is a skill. One which is relevant to a range of roles within information security. For (C)ISOs as well as consultants and pentesters. But how do you give good advice? What is the...
A quality risk analysis is one that you, the expert, stand behind. You must be able to explain and defend the outcome. Risk analyses are used to identify risks, determine measures and put responsibility where it belongs. But after the report you (C)ISO are not...