Entries by Wouter Avondstondt

,

Digital identities on the blockchain

Digipolis, the IT provider for several belgian cities, including Toreon’s hometown of Antwerp, hosted a great event on 24/5 around identities on the blockchain. Most important subject was the creation of ‘self-souvereign identities’. These allow individuals to take control over their identity and the dissemination of personal information. Trust in a person’s identity can be…

Security of Normalized Systems

I had an interesting conversation with Prof. Dr. Jan Verelst of the University of Antwerp. They (Prof. Dr. Jan Verelst together with Prof. Dr. Herwig Mannaert) created the theory of normalized systems. A normalized system is created following a set of rules, which ends up making the software as ‘atomic’ or ‘modular’ as possible. Software modules are…

Why I’m happy to help the CCB

As you may know, the CCB (Center for Cybersecurity Belgium) is working on a vulnerability disclosure policy. It is meant to be an enabler for ethical hacking in Belgium. Organisations embracing and publishing such a policy can allow (external) ethical hackers to verify and test their security posture and to disclose any issues found, in…

The colour of the hacker’s hat

On October 25 the CIOforum, ISACA Belgium and Antwerp Management School organise a CIO Speaker’s Café on cybersecurity in Technopolis, Mechelen. Access is free, and I’ll be there to talk about hackers and IT/OT (aka Information Technology and Operational Technology). Interested in a sneak preview? Hackers with different hats First on the agenda: the different…

Toreon partners up with Nymity for GDPR compliance

We’ve signed an agreement with Canadian firm Nymity Inc., the global privacy research company, which allows us the use of their specialised privacy management platform. Consequently, we will be able to even better support the delivery of implementation services to comply with the EU’s General Data Protection Regulation (GDPR), which comes into force in May 2018.…

How secure is your remote management solution?

When we perform security assessments for ICS (industrial constrol system) customers, we often notice that several different remote access paths for suppliers are used for remote management purposes. Most of these are established through a separate DSL line. Makes sense, right? A solution like this makes it easier for the vendor to provide remote maintenance. The…

,

The NIST Cybersecurity Framework: what it is and why you should use it

The latest ‘RSA Cybersecurity Poverty Index’ – an annual maturity self-assessment completed by a variety of organisations all over the world – shows that 67% of organisations had incidents that negatively impacted their business in the last 12 months. Only 24% of those businesses were considered mature in their security strategy. That means that the…