In December 2020 the European Commission published a proposal to repeal the current NIS Directive (European Directive on Network and Information Systems) and to replace it with a new Directive: the so-called NIS-2 Directive. This post will give an update on the status of negotiations of NIS-2, and will outline the aspects we already know and don’t know about the upcoming Directive’s final form.
Experience Sharing Day on Application Security – 12 March 2020
13 maart 2020 – Cyber Security Coalition
The recent ‘Application Security’ Experience Sharing Day covered several Belgian research projects on advanced security approaches. At the VUB, Thierry Renaux looks into automated monitoring using ‘complex event processing’ in order to detect network, operations and transaction anomalies, at run time. Axel Legay (UCL) dived into tools and means to improve on the YARA-based malware-analysis, including machine learning, symbolic analysis and graph mining. Jeremy Grandclaudon’s (Cetic) participation in Europe’s SPARTA project envisages changing the nature of security from reactive to adaptive. From a commercial point of view, John Matthew Holt (CTO, Waratek) proposed apps protection through modernizing agents, without changing application code. Pascal Matthieu (BNP Paribas Fortis) illustrated the advantages of a security architecture team in enterprises, and encouraged members of the Coalition to join the ‘Enterprise Security Architecture’ focus group. Of utmost importance remain ‘security by design’ efforts from day ‘zero’ when developing new applications, and investment in ‘secure software developers’.
Ransomware – today’s universal cyberworry – is but one aspect of a crime: cyber extortion. Orange Cyberdefense provides some insights into this scourge, based on its ‘Security Navigator 2022’-report.
The Cyber Security Coalition and top cybersecurity trainer SANS Institute joined forces to provide specially needed insights and recommendations on successful cloud security, as well as how to handle cyber security in these times of war.
It is easy to drown in the sea of dire warnings about the danger of AI, in particular to our privacy. The main point is that AI in good trust is possible, but requires solid, long term and well-structured approaches. This session of the Privacy focus group offers some crucial insights and welcome examples.
On computer security day we pay tribute to Ada Lovelace, the forgotten mother of the computer. Often described as the first computer programmer — before computers were even invented — Ada was a real visionary. Imagine what she might have achieved had Babbage actually built his “computer” and she hadn’t died at the age of 36.