by Jan

An expedition that needs good preparation: TISAX® certification also for sole proprietorships! We show you how photographer Stefan Bogner was the first sole proprietor in Germany to achieve TISAX® certification.


by Jan

The international standard ISO/IEC 27002 defines general measures for higher information security. In this way, it helps to implement the measures from Annex A of ISO/IEC 27001. A few weeks ago, the new version ISO/IEC 27002:2022 was published. What is new and what do the changes mean for companies?


by Jan

From GAP analysis to audit: All inclusive to ISO 27001 certification! We show you how Fact Informationssysteme und Consulting AG completely reorganized its IT security and data protection within one year.


by Jan

The BSI declared a red alert level for the Log4j vulnerability on Saturday, Dec. 11, 2021. Numerous applications are threatened by the vulnerability. According to media reports, the affected applications include iCloud and Minecraft, as well as a system from Tesla. Various federal agencies are also threatened by the vulnerability.


by Jan

The BayLDA has announced that it will conduct audits at companies to make them aware of ransomware attacks and query the protective measures implemented by the companies against such attacks. In the last six months alone, companies reported several hundred such attacks to the BayLDA. The victims of these attacks are small to large companies from a wide range of industries.


by Jan

The German Federal Office for Information Security (BSI) and the German Federal Criminal Police Office (BKA) warn in a press release published on 02.12.2021 of increased attack risks (e.g. cyber attacks) on companies over the Christmas holidays this year.


by Jan

In addition to information security and data protection, there is a third area in which the VDA-ISA defines requirements. In the video, we deal with this third area with the topic: “TISAX® prototype protection”.


by Jan

At the end of 2020, the EU Commission presented a draft for the Security of Network and Information Systems (NIS) 2.0 directive. This is intended to replace the NIS Directive, which became the first EU-wide cybersecurity law to come into force in August 2016. The new draft makes further demands on companies with regard to cybersecurity.


by Jan

The widespread Microsoft Exchange mail server has again been targeted by cyber criminals. Last week, security researcher Orange Tsai presented a new attack method called ProxyShell against this software at the Black Hat security conference. Criminals are now actively looking for this loophole and exploiting it, as the evaluations of various honeypots show. In computer security, a honeypot is, for example, a server that simulates the network services of a computer or an entire computer network. Honeypots are used to obtain information about attack patterns and attacker behavior. Given the information obtained in this way, the situation is to be regarded as very critical, especially if the Microsoft Exchange Server can be reached via the Internet, which is currently the case with over 400,000 servers.


by the team of aigner business solutions GmbH

Information security in the company is becoming increasingly important. In this context, the establishment and maintenance of an information security management system, ISMS for short, is of central importance. In order to successfully master this project, TISAX® and ISO 27001 are often referred to. This blog article will therefore highlight the difference between TISAX® and ISO 27001.
