VIDEO: An expedition that needs good preparation: TISAX® certification Success Story – CURVES MAGAZINE
An expedition that needs good preparation: TISAX® certification also for sole proprietorships! We show you how photographer Stefan Bogner was the first sole proprietor in Germany to achieve TISAX® certification.
The international standard ISO/IEC 27002 defines general measures for higher information security. In this way, it helps to implement the measures from Annex A of ISO/IEC 27001. A few weeks ago, the new version ISO/IEC 27002:2022 was published. What is new and what do the changes mean for companies?
Read more … The new ISO/IEC 27002:2022 – new structure for information security
VIDEO: From GAP analysis to audit: ISO 27001 Success Story – Fact Informationssysteme und Consulting AG
From GAP analysis to audit: All inclusive to ISO 27001 certification! We show you how Fact Informationssysteme und Consulting AG completely reorganized its IT security and data protection within one year.
On Saturday, Dec. 11, 2021, the BSI declared a red alert level for the Log4j vulnerability. Numerous applications are threatened by the vulnerability. According to media reports, the affected applications include iCloud and Minecraft, as well as a system from Tesla. Various federal agencies are also threatened by the vulnerability.
The BayLDA has announced that it will conduct audits at companies to make them aware of ransomware attacks and query the protective measures implemented by the companies against such attacks. In the last six months alone, companies reported several hundred such attacks to the BayLDA. The victims of these attacks are small to large companies from a wide range of industries.
Read more … BayLDA conducts random checks to raise awareness against ransomware attacks
The German Federal Office for Information Security (BSI) and the German Federal Criminal Police Office (BKA) warn in a press release published on 02.12.2021 of increased attack risks (e.g. cyber attacks) on companies over the Christmas holidays this year.
Read more … BSI and BKA warn of cyber attacks over Christmas
In addition to information security and data protection, there is a third area in which the VDA-ISA defines requirements. In the video, we deal with this third area with the topic: “TISAX® prototype protection”.
Read more … VIDEO: TISAX® prototype protection – what are prototypes and what should be considered?
At the end of 2020, the EU Commission presented a draft for the Security of Network and Information Systems (NIS) 2.0 directive. This is intended to replace the NIS Directive, which became the first EU-wide cybersecurity law to come into force in August 2016. The new draft makes further demands on companies with regard to cybersecurity.
Read more … NIS2 – Security of Network and Information Systems 2.0 for more cybersecurity in the EU
The widespread Microsoft Exchange mail server has again been targeted by cyber criminals. Last week, security researcher Orange Tsai presented a new attack method called ProxyShell on said software at the BlackHat security conference. This now prompts criminals to actively look for this loophole and exploit it, as the evaluations of various honeypots show. In computer security, a honeypot is, for example, a server that simulates the network services of a computer or an entire computer network. Honeypots are used to obtain information about attack patterns and attacker behavior. Based on the information obtained in this way, the situation is to be regarded as very critical, especially if the Microsoft Exchange Server can be reached via the Internet, which is currently the case with over 400,000 servers.
Read more … Another vulnerability in Microsoft Exchange servers
by the aigner business solutions GmbH team
Information security in the company is becoming increasingly important. In this context, the establishment and maintenance of an information security management system, ISMS for short, is of central importance. In order to successfully master this project, TISAX® and ISO 27001 are often referred to. This blog article will therefore highlight the difference between TISAX® and ISO 27001.