Every year, the challenge of protecting our IT assets from growing threats and cyber attacks is growing. Once some malicious application is in our network and later can quickly move with traffic and produce a big impact in our the network. These attacks can be devastating. I created a presentation where I explain in details this topic, you can see my presentation here (in Spanish): ¿Cuáles son los peligros a los que se enfrenta su sistema informático? from Ramiro CidRead More →

In times when Cloud Computing, Internet of Things, mobile devices (including environments BYOD) are an increasingly widespread reality (and unstoppable future), thereby opening backdoors to our corporate network (and their respective threats), which place touches the IT security officer to manage an increasingly large number of hits and risks? Where is our corporate perimeter? Block accesses can talk or we have only to settle for being resilient to attacks due to a lack of control visibility and access control? Many doubts are raised, the market has responded and there are technological and non-technological solutions that seek to remedy the growing risk are suffering the organizations withRead More →

Cyber Security Resilience & Risk Aggregation concepts have a near relationship because Risk aggregation refers to efforts done by firms to develop quantitative risk measures that incorporate multiple types or sources of risk. Cyber Security Resilience is the capacity to have different Cyber controls which can provide the organization an adequate resilience according the organization risk appetite by doing risk management of the aggregation of multiple types or sources of risk. One interesting topic is Internet of Things (IoT) which is increasing in our personal and professional life. The more assets are “shared” (including Critical Infrastructures and Smart Cities IT assets) the more risk we areRead More →

On 14/04/2016 EU Data Privacy had been approved the regulation which is, nowadays, mandatory. However companies have 2 years to carry out its suitability before receiving an economic penalty for not having completed it. On 04/05/2016 EU Data Privacy regulation had been published in the official bulletin of the European Union, after 20 days (25/05/2016) the new EU Data Privacy regulation became official. The General Data Protection Regulation (GDPR) have big economic penalties which will start to be real after 2 years this regulation was approved so: May 2018 Penalties of 10 millions or up to 2% of global turnover for the previous year and 20 millionsRead More →

Nowadays the payment fraud landscape is changing quite fast. Changing from classic schemes as bank cheque fraud, faked manual payment orders to organized crime with corporate as targets. Understanding fraud also occurs when dishonest acts are committed without personal gain but are intended to create a loss or risk of loss for another person or entity. This includes the intentional misrepresentation of financial condition. I created a presentation where I explain in details this topic, you can see my presentation here: Payment fraud from Ramiro CidRead More →

Currently, market has a wide range of systems, products and services focused on computer security services: Antivirus, Antispyware, Firewalls, IPS, WAF, SIEM systems, etc. All these measures are indispensable and have become a priority for any company or organization towards ensuring its assets, but social engineering plays with the advantage that you can use techniques that violate own vulnerabilities inherent in human beings and, as is well known, for this there is no patch or upgrade that provides effective protection against such attacks. People is normally “the weak link in the chain”. I created a presentation where I explain in details this topic, you canRead More →