In December 2020 the European Commission published a proposal to repeal the current NIS Directive (European Directive on Network and Information Systems) and to replace it with a new Directive: the so-called NIS-2 Directive. This post will give an update on the status of negotiations of NIS-2, and will outline the aspects we already know and don’t know about the upcoming Directive’s final form.
ESA focus group – 27 November 2019 – ESA Practice and API Security Architecture
27 november 2019 – Cyber Security Coalition
The agenda of the November session listed two distinct topics. The first one, brought by ING, forced us to take a distance from our day-to-day, technical focus and reflect on the purpose, mission, values and impact of our practices. The relative gap in maturity, initially perceived by some members, clearly is no longer an impediment to actively participating to open discussions among trusted members, boosting the sharing and value creation! Concrete proposed actions resulting from this activity are the co-creation and application of an ESA maturity model and the edition of an article on what enterprise security architecture is about and how the Coalition can help member and non-member organizations in achieving professional standards.
The second topic, jointly brought by BNP Paribas Fortis and Proximus, took a closer look into the API management domain, one of the pillars of enterprise digital transformation. Several architecture views, access control mechanisms and secure reference designs were elaborated. Three concrete patterns were analyzed for trade-offs between their protection level and the implied management effort.
On the picture, from left to right: Sven Vermeulen (KBC Group), Peter Spiegeleer (Proximus), Coen De Roover (VUB)
Ransomware – today’s universal cyberworry – is but one aspect of a crime: cyber extortion. Orange Cyberdefense provides some insights into this scourge, based on its ‘Security Navigator 2022’-report.
The Cyber Security Coalition and top cybersecurity trainer SANS Institute joined forces to provide specially needed insights and recommendations on successful cloud security, as well as how to handle cyber security in these times of war.
It is easy to drown in the sea of dire warnings about the danger of AI, in particular to our privacy. The main point is that AI in good trust is possible, but requires solid, long term and well-structured approaches. This session of the Privacy focus group offers some crucial insights and welcome examples.
On computer security day we pay tribute to Ada Lovelace, the forgotten mother of the computer. Often described as the first computer programmer — before computers were even invented — Ada was a real visionary. Imagine what she might have achieved had Babbage actually built his “computer” and she hadn’t died at the age of 36.