Defense in Depth
Food for thought on the public holiday in Germany: What is defense in depth and why should you consider it?
Food for thought on the public holiday in Germany: What is defense in depth and why should you consider it?
Getting ready for my talk at Verband Deutscher Eisenbahn-Ingenieure e.V. (VDEI) Fachtagung Cybersecurity 2022. I’ll be speaking about Security for Safety and will be sharing a couple of lessons learned and best practices from real world projects at ICS – Informatik Consulting Systems.
There was an interesting article published about Bing’s AI chat bot using a LLM (Large Language Model) this weekend in the New York Times. A clear recommendation for reading:Why a Conversation With Bing’s Chatbot Left Me Deeply Unsettled – The New York Times
This post is a great example, that a spear phishing attack also works in the offline world. It does not always have to be an e-mail! Thank you to Marc Torke for sharing this. The letter in the picture is claiming to come from an official German court and was sent to a newly founded…
I’m happy to share that last weekend I passed the Microsoft Certified: Azure AI Fundamentals certification exam. As a rail security professional, why am I sitting for an AI-related exam when I’m not a data scientist? The rail industry is moving more and more towards interconnected technical solutions. Of course, we are not yet seeing…
New MS Exchange zero-day: https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2022/2022-258168-1032.html
This month I’ve earned the Information Security Risk Manager. ISO/IEC 27005 certification of rigcert.education. Having multiple years of experience in managing security risks in OT environments according to IEC 62443-3-2, the ISO 27005 provides an extended perspective on risk management. Effective information security risk management is crucial for maintaining secure systems. Failing to properly assess…