Strengthening Your Business’s Digital Resilience: Practical Strategies for Success

In today’s digital age, businesses face an array of cyber threats that can disrupt operations, compromise sensitive data, and damage reputation. At Mindquest, we understand the importance of digital resilience in safeguarding businesses against these threats. Here we discuss practical strategies that businesses can implement to fortify their digital resilience and ensure long-term success.


What are Digital Resilience Strategies?

A digital resilience strategy is a proactive approach that businesses take to mitigate the impact of cyber threats and disruptions on their operations, data, and reputation. It involves implementing a combination of technical controls, employee training, incident response plans, and collaboration with cybersecurity partners to fortify defenses and ensure business continuity in the face of cyber attacks. A digital resilience strategy aims to build adaptive and agile business processes that can withstand and recover from cyber incidents effectively.


Strategies for digital resilience

This blog post explores practical strategies for businesses to strengthen their digital resilience in the face of evolving cyber threats.

1. Invest in Cybersecurity Training and Education

One of the most effective ways to enhance digital resilience is to invest in cybersecurity training and education for employees. Provide regular training sessions to educate staff about common cyber threats, phishing scams, and best practices for data protection. By empowering employees with the knowledge and skills to identify and mitigate risks, businesses can create a culture of cybersecurity awareness throughout the organization.


2. Implement Multi-Layered Security Measures

A robust cybersecurity strategy should include multi-layered security measures to protect against various types of cyber threats. Implement firewalls, antivirus software, intrusion detection systems, and encryption technologies to safeguard network infrastructure and sensitive data. Additionally, consider implementing multi-factor authentication to add an extra layer of security to user accounts and prevent unauthorized access.

3. Keep Software and Systems Up to Date

Outdated software and systems are often vulnerable to cyber attacks, as they may contain known security vulnerabilities. Ensure that all software applications, operating systems, and firmware are regularly updated with the latest security patches and fixes. Establish a patch management process to monitor for updates and apply them promptly to minimize the risk of exploitation by cybercriminals.


4. Conduct Regular Security Audits and Risk Assessments

Regular security audits and risk assessments are essential for identifying vulnerabilities and weaknesses in business systems and processes. Conduct comprehensive assessments to identify potential security gaps, evaluate existing controls, and prioritize remediation efforts. By proactively addressing security risks, businesses can strengthen their digital resilience and minimize the likelihood of cyber attacks.

5. Establish Incident Response Plans

Despite best efforts to prevent cyber attacks, businesses should be prepared to respond effectively in the event of a security incident. Establish incident response plans outlining roles, responsibilities, and procedures for detecting, containing, and mitigating cyber threats. Conduct regular tabletop exercises and simulations to test the effectiveness of incident response plans and ensure that employees are prepared to respond to real-world scenarios.


6. Foster Collaboration with Cybersecurity Partners

Finally, collaboration with cybersecurity partners, such as managed security service providers (MSSPs) or cybersecurity consultants, can provide businesses with additional expertise and resources to enhance digital resilience. Partner with reputable cybersecurity firms to conduct security assessments, develop customized security solutions, and provide ongoing support and monitoring. By leveraging external expertise, businesses can strengthen their cybersecurity posture and stay ahead of evolving threats.


European Cybersecurity Policy for Businesses: Everything You Need to Know

As we live in a digitalized world, businesses find themselves intricately intertwined with technology, making cybersecurity indispensable for their survival and success. As European businesses embark on their digital journey, safeguarding their operations and assets from a myriad of cyber threats becomes paramount. This comprehensive exploration delves into European cybersecurity policy tailored to fortify businesses’ digital resilience, ensuring they navigate the digital frontier securely and confidently.


Navigating the Digital Frontier

For businesses, the digital frontier presents both opportunities and challenges. The COVID-19 pandemic accelerated digital transformation, emphasizing the critical need for robust cybersecurity measures to protect business operations and assets. As businesses increasingly rely on digital infrastructure for operations and customer interactions, the importance of comprehensive cybersecurity strategies cannot be overstated.


What is a cyber security policy for business?

A cybersecurity policy for business is a comprehensive set of guidelines, procedures, and protocols that outline how an organization will protect its digital assets, information, and systems from cyber threats.

This policy typically covers various aspects of cybersecurity, including data protection, network security, employee training, incident response, and compliance with relevant regulations and standards. It serves as a roadmap for ensuring the confidentiality, integrity, and availability of the organization’s data and systems while minimizing the risks posed by cyber attacks and breaches.

Additionally, the policy may include provisions for risk assessment, access control, encryption, and regular security audits to continually assess and enhance the organization’s cybersecurity posture.

Ultimately, a well-defined cybersecurity policy is essential for businesses to effectively manage cyber risks and safeguard their operations, reputation, and customer trust in today’s digital landscape.


The European Cybersecurity Landscape: A Strategic Imperative

At the heart of the EU’s cybersecurity efforts lies a framework designed to foster resilience, promote innovation, and ensure collaboration in the face of emerging cyber threats. The EU Cybersecurity Strategy provides a roadmap for businesses to enhance their cybersecurity posture and navigate the digital landscape securely.


Resilience, Sovereignty, and Leadership: Pillars of Cybersecurity Strategy

Resilience, technological sovereignty, and collaborative leadership emerge as the guiding principles of the EU’s cybersecurity strategy. By fortifying essential services, nurturing technological autonomy, and fostering collaborative leadership, the EU endeavors to navigate the digital landscape securely. Initiatives such as the Joint Cyber Unit exemplify the EU’s commitment to collective action and rapid response in the event of cyber incidents, underscoring the importance of solidarity and cooperation in safeguarding the digital realm.


Operational Capacity and Response: Mobilizing Cyber Defenses

Operational capacity and rapid response mechanisms are fundamental for businesses to mitigate cyber threats effectively. The Cyber Resilience Act, enacted in 2024, strengthens cybersecurity rules to promote the security of hardware and software products, enhancing overall cyber resilience within the EU. Investments in cyber capacities further empower businesses to detect, deter, and respond to cyber threats proactively.


Global Cooperation and Open Cyberspace: Fostering Collaborative Security

In an interconnected world, global cooperation is paramount to safeguarding cyberspace. The EU advocates for an open and secure internet, fostering collaboration with international partners to advance cybersecurity norms and standards. Initiatives such as the EU-US Cyber Dialogue exemplify the EU’s commitment to global cyber resilience, underscoring the importance of multilateral cooperation in addressing shared cyber challenges.

Navigating the Legislative Framework: European Cybersecurity Policy

European cybersecurity policy provides a robust framework aimed at ensuring a high common level of cybersecurity across businesses. Directives such as the NIS2 Directive mandate measures for enhancing cybersecurity resilience, while regulations like the Cybersecurity Act establish EU-wide certification frameworks to instill trust in IT products and services. The proposed Cyber Solidarity Act underscores the EU’s commitment to collective defense and solidarity in the face of emerging cyber risks, providing a legal framework for businesses to collaborate and respond to cyber threats collectively.

Investing in Cybersecurity: Empowering Innovation and Resilience

Investment in cybersecurity also emerges as a strategic imperative for the EU, reflecting its commitment to fostering innovation and resilience in the digital domain. Initiatives such as Horizon Europe and the Digital Europe Programme allocate significant resources to cybersecurity research, innovation, and capacity building, ensuring that the EU remains at the forefront of cyber resilience and technological innovation. By investing in cyber capacities and deployment, the EU seeks to strengthen its cyber defenses and adapt proactively to emerging cyber threats, underscoring the importance of strategic investment in safeguarding the digital realm.


Building Cyber Skills and Awareness: Empowering the Digital Workforce

A skilled workforce and heightened public awareness are indispensable to effective cybersecurity. The EU invests in cybersecurity education and training initiatives to address the skills gap and empower individuals to navigate the digital landscape securely.

Initiatives such as the EU Cyber Skills Academy and the European Cyber Security Month underscore the EU’s commitment to building cyber skills and awareness, fostering a culture of cybersecurity across society.

Engaging in Cyber Dialogues: Nurturing Collaborative Partnerships

Cyber dialogues serve as platforms for nurturing collaborative partnerships and advancing shared interests in cybersecurity policy. Through initiatives such as the EU-US Cyber Dialogue and partnerships with countries like India and Japan, the EU fosters cooperation, builds capacity, and addresses emerging cyber threats collectively. By engaging in cyber dialogues, the EU reaffirms its commitment to multilateralism and collaborative security in cyberspace, underscoring the importance of dialogue and cooperation in addressing shared cyber challenges.

Demystifying European Cybersecurity: Answering Key Questions

In the dynamic landscape of the digital age, European cybersecurity laws play a pivotal role in ensuring a high common level of cybersecurity across member states.

🧑⚖️ What is the cyber law in Europe?

European cybersecurity laws are governed by directives and policy aimed at ensuring a high common level of cybersecurity across businesses operating within the EU.

At the forefront of European cybersecurity legislation stands the NIS2 Directive, a cornerstone directive aimed at enhancing the security of network and information systems across critical sectors. Enacted to address the cross-border nature of cyber threats, the NIS2 Directive mandates measures for identifying, managing, and mitigating cybersecurity risks, ensuring a coordinated approach to cyber resilience across member states.

🛡️What is the EU Cyber Resilience Act 2024?

Complementing the NIS2 Directive is the Cyber Resilience Act, enacted in 2024 to bolster cybersecurity rules and promote the security of hardware and software products. By establishing robust cybersecurity requirements for digital elements, the Cyber Resilience Act enhances overall cyber resilience within the EU, mitigating vulnerabilities and fortifying the digital ecosystem against evolving threats.

🔒What is the EU policy on cyber Defence?

The EU’s policy on cyber defense focuses on enhancing coordination, cooperation, and investments in cyber defense capabilities. Central to this policy is the imperative to protect citizens and businesses from cyber threats through collaborative partnerships.

Initiatives such as the Cybersecurity Act and Cyber Solidarity Act underscore the EU’s commitment to fostering a secure cyber environment. The Cybersecurity Act, with its EU-wide certification framework, instills public trust in IT products and services, ensuring stringent cybersecurity standards across the digital landscape. Meanwhile, the Cyber Solidarity Act, proposed to improve the EU’s response to cyber threats, emphasizes collective defense and solidarity in the face of emerging cyber risks, fostering resilience and collaboration across member states.

🤖What is the Regulation of cyber security?

European cybersecurity policy encompasses directives and regulations aimed at establishing a high common level of cybersecurity across businesses operating within the EU. These regulations span a spectrum of measures, from enhancing resilience and operational capacity to promoting global cooperation and investment in cybersecurity initiatives.

The regulatory landscape is characterized by a commitment to fostering innovation, resilience, and collaboration in the face of evolving cyber threats. By establishing clear guidelines and standards, European cybersecurity policy empowers stakeholders to navigate the digital landscape securely, fostering trust and confidence in the digital ecosystem.

Conclusion: Navigating the Digital Frontier

In an era defined by rapid technological advancement and interconnectedness, European cybersecurity legislation serves as a beacon of resilience, innovation, and collaboration for businesses. By fortifying critical infrastructure, enhancing cyber defense capabilities, and fostering global partnerships, the EU endeavors to safeguard its citizens and businesses in an increasingly digitized world.

Legend of terms and acronyms

Last but not least, here is a list of the terms and acronyms used in this guide, for easier reading.

  • NIS2 Directive: Directive on Security of Network and Information Systems 2
  • Cyber Resilience Act: Legislation aimed at enhancing cyber resilience
  • Horizon Europe: EU Research and Innovation Framework Programme
  • EU Cyber Skills Academy: Educational initiative for cybersecurity skills training
  • EU-US Cyber Dialogue: Dialogue between the EU and the United States on cybersecurity
  • EU Cybersecurity Strategy: Strategic framework for EU cybersecurity
  • Joint Cyber Unit: EU initiative for collaborative cyber incident response
  • Digital Europe Programme: EU programme for digital transformation
  • Cyber Solidarity Act: Proposed legislation to improve EU’s response to cyber threats
  • Cybersecurity Act: EU legislation establishing cybersecurity certification frameworks

Mobile Application Security Development Cheat Sheet

The development of mobile applications presents some unique security challenges compared to web applications and other forms of software. This cheat sheet provides guidance on security considerations for mobile application development. It is a starting point for developers to consider security in mobile application development.


Why Mobile App Security Matters

Security is not an afterthought; it’s the foundation. A secure mobile app starts with a secure design. Following principles like least privilege, defense in depth, and separation of concerns lays the groundwork for a robust security architecture. In addition, the National Institute of Standards and Technology (NIST) and the Internet Engineering Task Force (IETF) provide industry standards and best practices to guide developers in creating applications with security at their core.


The Building Blocks: Architecture & Design

  • Secure by Design: Opt for a secure design at the inception of development. Security should not be an add-on but an integral part of the development process.
  • Secure APIs: The communication between your mobile app and backend services must be secure. Utilize OAuth2, JWT, or similar protocols for authentication.
  • Principle of Least Privilege: Only request the permissions your app needs. This applies to both user-granted device permissions and permissions granted by backend services.
  • Supply Chain: Third-party libraries bring efficiency but can also introduce security unknowns. Ensure app signing, use trusted libraries, and establish controls for updates, patches, and releases.

Ensuring User Authentication & Authorization

Authentication is a complex landscape, and overlooking it can lead to significant pitfalls. Here’s how to navigate it securely:

  • Don’t Trust the Client: Perform authentication/authorization server-side. Load data on the device only after successful authentication.
  • Credential Handling: Never hardcode credentials. Encrypt them during transmission and consider secure, revocable access tokens.
  • Password and PIN Policy: Enforce password complexity, disallow short PINs, and use platform-specific secure storage mechanisms.
  • Biometric Authentication: Utilize platform-supported biometric authentication methods with a reliable fallback, such as a PIN.
  • Session Management: Implement timeouts, remote logout features, and use randomly generated session tokens.
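
The server-side half of the list above, as an added example that is not part of the original cheat sheet: sessions are created and checked on the backend, tokens come from the OS random generator, idle and absolute timeouts are enforced, and a user can revoke sessions on other devices. The class name, the in-memory table and the two timeout values are assumptions made for illustration.

```python
import hashlib
import secrets
import time
from dataclasses import dataclass

IDLE_TIMEOUT = 15 * 60        # assumed value: seconds of inactivity allowed
ABSOLUTE_TIMEOUT = 12 * 3600  # assumed value: maximum lifetime of a session


@dataclass
class Session:
    user_id: str
    device: str
    created: float
    last_seen: float


class SessionStore:
    """In-memory session table (hypothetical; a real backend would keep
    the same data in a database or cache)."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._sessions = {}  # sha256(token) -> Session

    @staticmethod
    def _key(token):
        # Only a hash of the token is stored, so a leaked session table
        # does not hand out usable tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def login(self, user_id, device):
        """Call only after the credentials were verified server-side."""
        token = secrets.token_urlsafe(32)  # 256 random bits from the OS CSPRNG
        now = self._clock()
        self._sessions[self._key(token)] = Session(user_id, device, now, now)
        return token

    def authenticate(self, token):
        """Return the user id for a live session, or None."""
        key = self._key(token)
        session = self._sessions.get(key)
        if session is None:
            return None
        now = self._clock()
        idle = now - session.last_seen
        age = now - session.created
        if idle > IDLE_TIMEOUT or age > ABSOLUTE_TIMEOUT:
            del self._sessions[key]  # expired sessions are removed, not revived
            return None
        session.last_seen = now
        return session.user_id

    def logout(self, token):
        self._sessions.pop(self._key(token), None)

    def remote_logout(self, user_id, keep_token=None):
        """Revoke every session of user_id, optionally keeping the one
        that issued the request. Returns the number of sessions revoked."""
        keep = self._key(keep_token) if keep_token else None
        doomed = [k for k, s in self._sessions.items()
                  if s.user_id == user_id and k != keep]
        for k in doomed:
            del self._sessions[k]
        return len(doomed)
```
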

Protecting User Data: Data Storage & Privacy

  • Data Encryption: Encrypt sensitive data both at rest and in transit. Use platform APIs for encryption; avoid implementing custom encryption algorithms.
  • Data Leakage: Beware of potential leaks through caching, logging, and background snapshots. Refer to the Logging Cheat Sheet to safeguard against data that should not be logged.
  • Use HTTPS: Always use HTTPS for network communications. Ensure third-party libraries are secure and up-to-date.
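
For the logging part of the Data Leakage item, an added example (not from the original cheat sheet) of a backstop on the backend that scrubs credentials from log records before any handler writes them. The key names and the regular expressions are assumptions; the primary control remains not passing secrets to the logger at all.

```python
import logging
import re

REDACTED = "[REDACTED]"

# Assumed key names: any field whose name ends in one of these words.
_SECRET_KEY = r"[\w-]*(?:password|passwd|secret|token|pin|authorization)"
# Matches key=value, key: value and JSON-style "key": "value" pairs.
_PAIR = re.compile(
    r'(?i)(?P<key>"?\b' + _SECRET_KEY + r'\b"?)'
    r'(?P<sep>\s*[=:]\s*)'
    r'(?P<val>"[^"]*"|[^\s,;&}]+)'
)
# HTTP auth schemes carry the secret after a space, so handle them first.
_AUTH_SCHEME = re.compile(r"(?i)\b(?:Bearer|Basic)\s+[\w.~+/=-]+")


def redact(text):
    """Replace credential values in a log line, keeping the key names."""
    text = _AUTH_SCHEME.sub(REDACTED, text)

    def _mask(match):
        quoted = match.group("val").startswith('"')
        value = f'"{REDACTED}"' if quoted else REDACTED
        return match.group("key") + match.group("sep") + value

    return _PAIR.sub(_mask, text)


class RedactingFilter(logging.Filter):
    """Attach to handlers, not loggers: a logger-level filter is skipped
    for records that propagate up from child loggers."""

    def filter(self, record):
        # Format first so secrets passed as %-style arguments are covered too.
        record.msg = redact(record.getMessage())
        record.args = ()
        return True


class ListHandler(logging.Handler):
    """Collects formatted lines in memory for the demonstration."""

    def __init__(self):
        super().__init__()
        self.lines = []

    def emit(self, record):
        self.lines.append(self.format(record))


def demo():
    """Log three constructed sample messages and return what was written."""
    handler = ListHandler()
    handler.addFilter(RedactingFilter())
    log = logging.getLogger("mobile_api.demo")  # hypothetical logger name
    log.setLevel(logging.INFO)
    log.propagate = False
    log.addHandler(handler)
    log.info("login ok user=%s pin=%s", "alice", "4821")
    log.info('POST /session body={"user": "alice", "password": "hunter2"}')
    log.info("upstream call Authorization: Bearer %s", "abc.def.ghi")
    log.removeHandler(handler)
    return handler.lines


if __name__ == "__main__":
    for line in demo():
        print(line)
```
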

Navigating Network Communication Challenges

  • Don’t Trust the Network: Assume all network communication is insecure and can be intercepted.
  • Use Secure Protocols: Employ HTTPS for all network communication. Avoid mixed-version SSL sessions.
  • Certificate Pinning: Consider certificate pinning to enhance security.

User Interface Best Practices

  • UI Data Masking: Mask sensitive information on UI fields to prevent shoulder surfing.
  • User Notifications: Keep users informed about security-related activities, such as logins from new devices.
  • Input Validation: Validate and sanitize user input. Refer to the Input Validation Cheat Sheet for detailed insights.

Code Quality: A Developer’s Responsibility

  • Application security testing: Use tools for vulnerability identification, such as SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing) and IAST (Interactive Application Security Testing).
  • Code Reviews: Make security a focus during reviews.
  • Update Libraries: Keep libraries up to date to patch vulnerabilities.
  • Software composition analysis (SCA): Identify the open source software in a codebase.

Ensuring Application Integrity & Testing Strategies

  • Application Integrity: Disable debugging, validate code integrity, and obfuscate the app binary.
  • Testing: Conduct penetration testing, automated tests, and usability testing to ensure robust security features.

Post-Deployment Considerations

  • Incident Response: Have a clear incident response plan in place.
  • Updates: Plan for regular updates and patches. Implement mechanisms to prompt users to update their app versions when necessary.
  • Monitoring and Analytics: Use real-time monitoring to detect and respond to potential threats.

Platform-Specific Guidance

  • Android: Use ProGuard for code obfuscation. Avoid storing sensitive data in SharedPreferences.
  • iOS: Implement App Transport Security (ATS) for secure network communication. Avoid storing sensitive data in plist files.

Cybersecurity Risk of IoT: Securing Smart Devices at Home

The increasing prevalence of IoT devices in homes worldwide raises cybersecurity concerns, emphasizing the need for proper usage to safeguard homes and families.

Common IoT Devices and Associated Cybersecurity Risks

IoT devices such as smartwatches, distance-measuring sneakers, home automation applications, and more, while enhancing convenience, also pose security risks if not used cautiously. These connected devices are susceptible to hacking, potentially compromising personal information and, in the case of geolocation-enabled devices, even indicating when homes are vacant.

Reports suggest that 2024 will see a surge in cybersecurity risk and threats to IoT devices. Therefore, awareness of these risks is crucial, prompting the need for users to secure their devices effectively.

The most common cybersecurity risks associated with IoT devices include personal data theft, knowledge of home habits, family geolocation access, fraudulent purchases, physical theft, identity theft, malware introduction, and illicit trading of personal data or images in underground markets.


Recommendations for Cyber Protection

To mitigate these risks, Mindquest’s experts recommend the following cybersecurity measures for IoT devices on a global scale:

Create Separate Networks: Establish dedicated networks for IoT devices using intelligent routers that create virtual networks. This prevents potential infections from spreading between computers and IoT devices.

Strong, Unique Passwords: Implement robust and distinct passwords for each IoT device, with regular password changes to enhance security.

Disable UPnP Protocol: Turn off Universal Plug and Play (UPnP) to hinder devices from easily discovering each other.

Regular Updates: Install the latest updates promptly, as they often include crucial security patches to address vulnerabilities.

Download from Official Sources: Obtain mobile apps exclusively from official markets to reduce the risk of downloading compromised applications.

Prioritize Security Settings: Review and prioritize the security settings of IoT devices over other functionalities to enhance overall protection.

Turn Off When Not in Use: Disable IoT devices when not in use to minimize the exposure to potential security threats.

User Training in Cybersecurity: Provide users with training and awareness programs on cybersecurity, especially for those utilizing IoT devices.

Cybersecurity Challenges of Smartwatches

As an illustrative example, we at Mindquest highlighted cybersecurity concerns specific to smartwatches:

Lack of Cybersecurity Standards: Smartwatches, like other IoT devices, face challenges due to the absence of specific cybersecurity standards.

Sensitive Information Collection: Smartwatches gather extensive personalized information, including GPS location, application notifications, biometric and health data, training information, and payment transactions, making them susceptible to data breaches.

Vulnerabilities in Design and Connectivity: The design and connectivity of smartwatches pose vulnerabilities that can be exploited by attackers. Weak user passwords and outdated systems further compromise security.

Limitations on Antivirus Software: Some smartwatches do not support antivirus software, leaving them exposed to potential threats.

Lack of Two-Factor Authentication: Absence of two-factor authentication in certain smartwatch designs increases vulnerability, especially in payment transactions.

Automatic Pairing Risks: Automatic pairing with other devices poses risks, making it necessary to disable this function to prevent unintended connections with public or insecure Wi-Fi or Bluetooth networks.


Cybersecurity Expert: Job Description

Use our template to create a compelling and comprehensive Cybersecurity Expert job description to attract top talent.

Helping companies protect themselves from hackers or overly curious competitors: this is the main task of the Cybersecurity Expert job.


Cybersecurity Expert: the job

The Cybersecurity Expert’s job within a company is to anticipate flaws related to data protection in the information system and secure them. They establish a diagnosis that enables them to identify all security flaws and then provide protection solutions.

With an obligation to achieve results, they are also responsible for training the company’s staff in good data protection and information security practices.

Let’s look in detail at the steps involved in being a Cybersecurity Expert.

Performing a diagnosis of the information system

Sometimes assisted by volunteer hackers or intrusion professionals, the cybersecurity expert first studies the information system in its entirety. This diagnosis allows them to propose solutions for maximum security (protection from attacks, but also confidentiality). Through this diagnosis, they then mainly try to identify the weak points of the system.

Setting up various security processes

In close collaboration with IT specialists and the heads of the various departments, the cybersecurity expert defines a security strategy suitable for the company’s needs. This strategy consists of a comprehensive set of procedures, from password management to encryption (encryption and decryption of outgoing and incoming messages), via firewalls, antivirus software, etc.

Ensuring the durability of security systems

To develop solutions and ensure their sustainability, the cybersecurity expert must know the law and specific regulations and be well-informed about new technologies. They must also be able to update security systems according to new threats and the latest technologies.

Required skills of the Cybersecurity Expert

Solid knowledge

The Cybersecurity Expert must have a solid knowledge of security system development. They must also regularly update their knowledge on the latest threats on the Internet.

Anticipation and responsiveness

The Cybersecurity Expert must have an excellent sense of anticipation since their work is primarily based on prevention and vulnerability management. They must also be extremely responsive and know how to handle pressure when security problems arise.

A good teacher

This professional must be a good teacher and maintain a good working relationship with colleagues, because these are two key elements that will help them raise awareness among colleagues about information system security.

Context

For the past few years, companies have been allocating more and more of their budget to IT security. Faced with the explosion of cybercrime, and with the increasing complexity of information systems, companies are often looking for new cybersecurity specialists.

Salary

The average daily rate for a cybersecurity expert is between 300 and 600€.

Education and training

To become a cybersecurity expert, it is necessary to have a 5-year degree. You can pursue an engineering degree with a specialization in computer security, or follow a master’s degree in computer science with a specialization in computer systems security. These two courses are highly appreciated.

The security of a company’s data is now a strategic issue. This is why cybersecurity will often have a special status within a company. After a few years of experience, the cybersecurity expert can move towards positions such as information system manager or director.


Cybersecurity Career Tips From a Ballerina Turned Pentester

Lola Kureno is an Israeli-born cybersecurity engineer living in Tokyo and working for IT training and certifications provider INE. An expert pentester and ethical hacking advocate, Lola shares cybersecurity career tips and discusses how a single event changed her life forever and set her on an unexpected professional path.

You have quite an amazing career story. You set out on a very different path, and then a major event changed everything. What happened?

It’s quite a long story. My background was not in tech at all. Since I was three years old, I was a classical ballerina. That’s what I was set to be my whole life, or so I thought. I was a professional. I was with dancing companies and had all my life centred around classical ballet. That’s all I knew how to do.

And then I had a very bad car accident. I spent six months in the hospital, plus two years of rehabilitation just to get back on my feet. It was really bad. I was a passenger in my coworker’s car. She broke a couple of bones but was okay. But it was a frontal impact for me, and it was not only the physical side of things. It is not good for your mental health to think that all that your life is about can end in a second.

After I was kind of physically recovered, I really didn’t know what to do. That’s why I left the US, where I was living, and went to Europe. I spent about a year not doing anything. I didn’t know what to do with my life.

Later I went to Lisbon and that’s where I met my husband and got married. We moved to Tokyo, and life here was very different from anything that I was used to. And eventually, I had to get a job, but I didn’t know how to do anything else besides ballet.

So, I got a normal job in a company, like 8 to 5, but I wasn’t happy. It paid, but it wasn’t anything that let me be ambitious, be competitive, learn and study. It was boring. Get back from work and watch TV, go to sleep and repeat. The same routine. It didn’t make me happy.

And then you found tech. Why did you go into IT and pursue a career in cybersecurity?

Computers were always a hobby for me. My father was an engineer, and I got my first computer when I was really young. But it was just something I did when I had time.

And I shared with my husband that I was feeling like I was a waste, that I wasn’t doing anything. And he said “well, you shouldn’t. You’re smart, just do something with the computer. You like computers.”

But, you know, I had that image, that thought that if I didn’t have a degree in engineering or computer science or something related, I couldn’t do anything. And I was in my early 30s, I was not a kid anymore.

I didn’t know what to do, so I started researching about maybe getting a first degree, something like that that I could do. And I came across something along the lines that you could actually hack for a living. And I was like really, hack for a living? That was very intriguing to me. I was very curious about it. So, I started researching and that’s when I learned about cybersecurity and something got into me. I started researching more career options and that’s how it started.

So, how did you actually get started in your cybersecurity career?

After discovering all of this, I couldn’t think of anything else but that. I still had my full-time job, but I would come back from work and be back on the computer. I did that on the weekends.

And, talking to people, I met someone who was studying for the eLearnSecurity Junior Penetration Tester (eJPT) certification. And he said, well, there is this platform where you study and, when you feel ready, you just buy the test, take it and can get certified. I had read about some other certifications, but I didn’t feel qualified to take any of them. I was just starting, you know.

So, I would study every day using materials from the cyber mentor Heath Adams. He was my first big source of information. And then I started looking at cyber security content from Neal Bridges. That was another community that really gave me lots of information. From there, I met many amazing professionals like Phillip Wylie, an amazing pentester who now is a personal friend of mine besides being a colleague in the industry.

And yeah, that’s how it started. I eventually took the eJPT test and passed it. Later, I got an internship, being an intern for Neal Bridges’ personal consulting company. I spent some months being his intern and learned a lot of things.

I was learning continuously. It was an everyday thing. I didn’t do anything else, just study. And then the opportunity to work at INE was presented to me, and I took it.

What does your current position as a cybersecurity engineer involve?

Actually, penetration testing is just a small portion of my current job tasks. I do much more than that. I would say that penetration test is maybe like 15% of it all, 20% perhaps.

Lots of what I do involves talking not only to coworkers but talking to clients. If you don’t know how to talk to people, you’re behind. So, you need to have those soft skills.


Are programming skills a must for a successful cybersecurity career?

You don’t need to be a developer, you don’t need to be a coder. But it helps to at least understand what’s going on in a piece of code. You use Bash, PowerShell, Python, Go, Ruby. Those are some of the languages that we are always using.

You don’t need to know how to use these languages at a development level, but knowing what’s going on helps. If you come from a development background, it helps. Absolutely, very helpful.

What skills would you recommend others to focus on to advance their cybersecurity career? 

I would say that it’s wonderful that you’re focusing on all your hacking and pentesting skills, but know that you need some other skills to go with that.

Right now, a big part of my routine is learning cloud. My job is a lot in the cloud. Of course, I’m still studying pentesting, but I am studying cloud because I need it for my job. I know the fundamentals, but I still feel that’s not enough, and cloud is now a crucial skill for the whole cybersecurity world. It doesn’t matter what your job is in cyber: you need to know some cloud.

What other advice would you give to people pursuing a cybersecurity career?

There is always room for improvement. It doesn’t matter if you are someone who’s one year into the industry or 10 or 20. There is always something new to learn. It doesn’t stop.

Talk to people. Don’t hide behind your computer screen. Network.

Also, make sure to have an active LinkedIn profile. Many people think that LinkedIn is only for job hunting, so after they finally find a job, they let their LinkedIn profile die, and that’s a big mistake.

The fact that you already have a job doesn’t mean you shouldn’t be open to opportunities. There are always things to do, not only your full-time job. So, keep networking, keep talking to people.

Go to conferences. If you can’t go to a conference, volunteer for them. Volunteering for conferences gives you the opportunity to be in contact with wonderful people. Brush up on your soft skills.

And if you’re not in the industry yet, if you’re still hoping to get your first cyber job, finding a mentor is a good idea. Plenty of people would be very happy to help you out. Don’t be afraid of connecting to people.

Lastly, don’t give up. Many times, when I was job hunting, I came very close to giving up. But, since I had networked so much, I had so many people who knew that I was job hunting. And they didn’t let me give up. That’s another benefit of networking. These people have got your back, they keep you accountable, they keep you on track. So, don’t give up.

It’s hard. You will get many noes for silly reasons. You will get 10, maybe 15 or 100 noes. But you will get that yes.


For more tips about pentesting and cybersecurity careers, make sure to follow Lola on Twitter and LinkedIn.



Leadership Failure: The Real Human Element Behind Cyber Attacks

Dr. ir Johannes Drooghaag, CEO of Spearhead Management and founder of Internet Safety for Kids, recently sat down with us to talk about the real human element behind cyber attacks and his work helping educate children and parents about cybersecurity.



How did your career in tech start? What do you do these days?

My career started in applied information technology and my interest was first in the technical part of that. But I lost interest when I noticed that technology keeps rotating and innovating and reinventing itself so fast that it’s very difficult to keep up. And I started to get very interested in how can we build bridges with the people using the technology and how they can keep up with this enormous pace of technology.

That was more than 30 years ago and, since then, the pace has only increased. But we have not really done a lot to improve how we educate people with technology. So that became my mission. I focus mainly on the human element of technology, and I do that in the field of cybersecurity, of agile management, for digital transformation. We say it is all customer-focused, which in most cases is true. But, in many cases, we forget the people within the organisation who have to work with all that technology.

How do you advocate for this human-centred approach to technology?

I founded a company called Spearhead Management, in which we literally take, first of all, the people. We start with education and coaching, and we do that based on an approach that we could call a gap analysis. Where are we today? Where do we want to be tomorrow? And yes, there will be technology involved. But how can we enable and empower the people in the organisation to make that happen and to become part of that innovation and that digital transformation. And we do that through training. We do that through consulting, through coaching.

I also use my voice on social media. I started to actively use social media three years ago. I’ve been growing fortunately very fast in the last three years. I use that a lot to point out what the human element behind cyber attacks is. What has gone very well? What has gone not so well? And what has gone really, really bad?

And one of the things I do with my team is that, once a year, we publish a report called The Human Element in Cyber Security, and I do podcasts and keynotes around it under the title “The Human Elements in Cyber Security: And It’s Not What You Think.”

Why is it not what we think?

Because when we look at the IT community, there’s a lot of focus on the user error. So you might get the impression that the user is responsible for all cyber incidents. And when we look at the media, we get all the information about the bad fenders, about the vulnerabilities, about how somebody was hacked and everything went wrong.

But when we look at the technical information about these cyber breaches, we see that the human element caused more than 80% of them, in the configuration and the management of technology, so the technical responsibility behind that technology. Now we should not take that and do the same thing by saying the IT experts are to blame, because that’s not fair nor correct.

A lot of that is leadership decisions. We know in a corporation nothing happens without approval and budget. So, the IT guy can sit there and say “I have to update those machines, I have to replace that software because it’s EOL”. But when that person doesn’t get approval and doesn’t get the budget, I assume they’re not going to pay that out of their own pocket, right?

So the human element is a lot more than just the actual making failures. The majority of that is leadership. The majority of that is completely failed risk management. If we don’t change the way we manage and lead, we will continue to have these issues.


What would be a textbook example of leadership failure impacting cybersecurity?

There is this beautiful case of the Colonial Pipeline, a very high-profile case that was recently all over the media. It started with all kinds of theories about what would have been the case. And this theory immediately emerged that people were claiming that a user had opened an attachment. Other people claimed that there had been a case of social engineering through which all kinds of other theories popped up. Things popped up and they were all over the media and social media.

But then the actual experts analysed it. They found that a VPN account, which lacked basic security measures and was not in use for a very long time, got compromised. Someone shared that compromised account, including the ID and password, on dark web forums, and used that account for the initial breach of the network, and through that they were able to escalate.

Now there’s one thing that we have to keep in mind. There’s an FBI director who made a very interesting statement. There are two types of companies: the companies who have had their network breached by malicious actors, and the companies who do not know that their network has been breached by malicious actors. And that’s the reality that we have to assume at the moment: that we are compromised and that we must implement all potential and available countermeasures based on that assumption.


The Colonial Pipeline case shows us two things we should focus on. Firstly, abandoned technology. That VPN connection that we are not monitoring, not taking care of and that hasn’t been used for a long, long time: it is still open and available. Secondly, the almost mandatory segregation of network access and segmentation of the network itself to make sure that you cannot simply hop from one privilege to the next one. All that was not available. Your active monitoring, through which you keep an eye on what happens in your network. If, after five years, you suddenly see a VPN connection pop up, you should react to that. Never happened.

For me, that is a schoolbook example of knowing what should be done and not doing that. An example of having all kinds of interpretations that are not factual at the beginning of the incident and, as soon as the actual analysis is publicly known, is once again the basic step.

And that is what we see in the majority of our research as the real human element behind cyber attacks. When we follow the three basic elements of cybersecurity (patch management, access management, segmentation and segregation), we can prevent more than 90% of all cyber incidents.

You are the founder of Internet Safety for Kids. Can you tell us a bit about this initiative?

We create videos and content to enable parents and children to use the Internet in a secure and responsible manner. We do that with videos and cartoons. The kids love it. We get wonderful feedback, and the most interesting part is that parents write us to tell us that they’re learning from the videos, which they thought were intended for the kids, but we make them on purpose for the kids and the parents. It’s a beautiful project. I love it. It’s a lot of work, but it’s worth every hour that we invest in it.

What sort of cybersecurity advice do you provide in these videos?

Well, there was one episode for which the kids made the entire script from beginning to end.

They said “We have some wonderful advice: we need to inform our parents about what we do, and we should never hide what we do, and we should always explain why we want to do it. But can you please be so kind as to tell the parents that they should listen when we want to tell them something? And if we want to show them something, that they should actually take a couple of minutes?”

So we did this episode created by the kids alone and we didn’t allow the parents to criticise any of it, just focused on saying “Hey parents: yes, we can tell you what the kids should do, but you should have time for them when they want to do what we tell them to do.”

I love that so much. We had so much fun creating that. We encourage parents and kids to learn this together. It’s not that parents give these videos to the kids and say “well, be busy and learn this.” Sit down together, learn this together and use it as an input for discussions with each other. What we’ve learned with the kids is that they’re really actively involved, so they come back to the parents and they say, “hey, I watched this video and look, I’ve done this and it looks good.” And that’s the coolest thing.




For more on the human element behind cyber attacks and IT in general, make sure to follow Dr. Drooghaag on Twitter, LinkedIn or through his website.


SOC Analyst: Job Description

Use our template to create a compelling and comprehensive SOC Analyst job description to attract top talent.

The role of the SOC (Security Operations Center) analyst is to monitor a company’s information systems. They must detect all suspicious and malicious activity on computer networks, whether it comes from the inside or the outside.

In a world where cyberattacks are increasingly present, this role has become essential.


SOC Analyst: the job

Risk prevention

As the first step in their intervention, the SOC analyst must do risk prevention. They must play an evangelising role within the organization, communicating with employees around cyber risks and providing users with best practices for IT security.

Interpret and process alerts

When the SOC analyst detects a security breach or malicious activity, they must determine its source and impact. Following this extensive investigative work, they must implement the most effective and rapid course of action to resolve the problem. They must then put in place mechanisms to avoid a new threat.

Monitor and keep watch

The world of cybersecurity is evolving at great speed and new threats are emerging every day. The SOC analyst needs to keep watch on all the threats and vulnerabilities that exist, as well as on new ways to protect against them. The goal? To better anticipate and respond to long-term threats.


Required Skills

IT security expertise

To be able to manage threats and find flaws in a company’s information systems, the SOC analyst must know how to use servers and security tools such as proxies, firewalls, antivirus and VPNs.


Mastery of computer tools and languages

When they have to fix security vulnerabilities in information systems, they have to mobilise a very broad set of technical skills. Mastering Linux, Unix or Windows, as well as the programming languages on which the company’s IT systems are based, is often essential. Not all companies use the same computer languages or the same security systems. When starting a new position, they must quickly adapt to different languages and be able to use them all.

Communication and teamwork skills

The analyst is in constant contact with users and works across the board with all departments of the company. They must demonstrate interpersonal skills such as the ability to collaborate and share knowledge.

The SOC Analyst within the industry

The SOC analyst role is one of the most sought-after jobs in cybersecurity. This role is essential for the proper functioning of information systems, especially in a context where attacks are more and more commonplace.

Salary

The average daily rate of a SOC analyst oscillates between €350 and €700.

Training and education

To become a SOC Analyst, it is best to have an engineering background with a specialisation in cybersecurity.


From Hacking NASA to Protecting Your Online Accounts: A Chat with Rickey Gevers

Ethical hacking can be the solution to some of our most serious cybersecurity issues. We interview Rickey Gevers, cybersecurity expert and founder of Scattered Secrets, a password breach notification and prevention service that is helping businesses and individuals protect their online accounts.  

Here is how this Dutch security pro got into hacking, was arrested by the authorities, and went on to show that his talents could also be a force for good.




How did you get into hacking? 

My dad was really the one who introduced me to tech. I’m not a typical technical person. I like to play outside and those kinds of things. So, not necessarily being behind a computer. But my dad bought a computer when I was young, so I started playing with it at a young age too. I liked the Internet a lot because you could search for anything you wanted. I am a very curious person, so I was looking things up all the time.

But an Internet connection was very expensive back then, and at one point my parents had to pay a lot of money because of me. So, they used a Windows password. But I managed to break into the Windows user account and started using the Internet again. They got mad again, and then my dad used a BIOS password, which was a proper measure to keep me out for a month or so. 

 Then I managed to take out the whole modem, put it in my own computer, install all of the drivers and use the phone connection from the moment they left the house.  And I put my computer in such a position that if they came home, I could see them entering and remove the cable, remove the modem, and put them back in my dad’s computer just in time before they entered the house. That’s how I sort of started hacking, in a pretty natural way. I wasn’t really busy with hacking or anything. I just wanted to get the things done. 

Then, at the age of 13, you created Waarneming.nl, a leading community-driven platform where users collect and share data for nature conservation, research or education. How did you go from there to the major leagues of hacking?

Usually, when I talk about the things that I have achieved, I see Waarneming.nl as the brightest thing that I’ve done. I didn’t make any money from it, but it contributes a lot to society. And at one point the website got hacked, which I will never forget. One guy just took it offline and put some defacement posters on it. I put the website back online but, after half an hour, the guy defaced the website again. It was a lot of fun for him but, of course, it was not for me.

I decided I didn’t want this to happen anymore in the future. And the only way to stop it was to understand how hackers work. So, I started to learn to hack and, pretty quickly, I hacked my first computer. I kept on challenging myself. Back in the day, nobody got arrested for it. I didn’t break any computers; didn’t delete any files or whatever you can imagine; I just hacked the computer and that’s all I did. So I started aiming for higher targets. I went from one computer to a computer network. I went to universities because they had fast Internet connections. And I moved up the ladder and eventually was able to basically hack any network, move laterally within the network and become the main admin. And that’s sort of where my story ended.


Then you got caught. 

For some reason, the University of Michigan did a forensic investigation, found me and arrested me. As I said, this was back in the day, so not a lot of hackers got arrested. I had also hacked NASA, to just give you an example. And I remember one guy got arrested for hacking NASA, but at that time, it was very normal to hack computers at NASA. 

What exactly happened with the whole University of Michigan incident?

Well, the University of Michigan was sort of my playground, because the Internet connection there was very slow. So, if I wanted to try some new tools that I had found, I usually tried to do it on a network there, which is probably one of the reasons they caught me. But they did a proper forensic investigation and they determined that I was in the network, that I had full control of the network, but that I didn’t do anything else. So that’s why the FBI basically did not chase me.  


Then the high-tech crime unit here in the Netherlands was established and they contacted the FBI and asked them if they had anything they could do for them. So that’s when the FBI said, well, we have a file here. We know his name, we know where he lives, so maybe you can pick up the case. And that’s basically what they did. I got arrested by the high-tech crime unit as one of the first hackers they arrested, I believe. They thought I was a really big hacker, which I wasn’t, of course. I did hack a lot of computers, but I never did anything with it. So, I was basically a huge disappointment.

Then, after some years under trial, and a suspended sentence, you went back to hacking, but with a different approach. You went on to create Scattered Secrets. What was your thinking?

At first, when I went on trial, I wondered “should I continue this?” But after two years, I was like “well, I’m only good at one thing, so let’s just fight back and show everybody that I’m on the good side and that I don’t have anything to do with criminals or whatever.” And I started hacking again.  

I did a lot of penetration testing, and at one point I noticed that you can easily hack any company and you usually do it with the same trick. That’s when I started building Scattered Secrets, because I believe you can hack any company by simply looking at the passwords that have been leaked. So that’s what we’re trying to fight against right now. We’re basically doing the low hanging fruit for most hackers. It’s not that interesting. It’s not that advanced. But, in our opinion, it’s the most dangerous and easiest way to hack any company right now.  

So, you basically monitor for passwords that have been hacked and leaked. Where do hackers get these passwords?

The funny thing is that most passwords are leaked through only a few databases. We have a few enormous leaks. One of them is MyHeritage. The other one is MySpace. And the third one is LinkedIn. That’s where most passwords come from. It’s often the small databases people are in, but once every two years, you have an enormous breach.  

Given these ongoing data leaks and recent headline-grabbing global breaches, how do you think we are doing in terms of cybersecurity? 

Often, if you talk to security experts, they say we’re not getting better. But in my opinion, there won’t be a single day without hacks. That’s simply because you have the human factor, and the human factor is always vulnerable. We can build secure systems, but there’s still a human using them, so it will always be vulnerable. So, we have to deal with the fact that there will always be hacks. 

At the same time, when it comes to multinationals – back in the day, in 2014 or prior to that, we had these flat networks, and you could easily become the administrator. It was pretty easy to hack large companies. I think most multinationals now have a certain base level. And, sure, in the news we see the ones that don’t have that base level. But we’re getting more and more mature. I think that’s the most valuable lesson.   

To you, what’s the most challenging aspect of cybersecurity? 

As a security researcher, I think the most challenging part is that you have to keep up with your knowledge, you have to continue learning and working. If you stop doing certain things, your knowledge starts to lag behind. It’s a constant battle to keep your knowledge at a certain level.  

And what are your go-to cybersecurity education resources to stay at that level?

Without a doubt, the SANS Institute. In my opinion, they’re the only real experts. It’s very expensive, between six and eight thousand euros, but it’s absolutely worth the money. I try to do a course every year, but it’s not always easy to find the time.



You can follow Rickey on Twitter and LinkedIn.


10 of the Best Cybersecurity Experts in the Netherlands to Follow Online

Information security only keeps gaining importance as more and more business-critical processes move to the cloud and hackers get more sophisticated. For this reason, you should stay up-to-date with best practices, top threats and emerging trends. That is why we at Mindquest suggest 10 of the best cybersecurity experts in the Netherlands to follow on LinkedIn and Twitter.


Cybersecurity has become crucial in recent times, especially during the Covid-19 pandemic. As more and more companies had to implement their own virtual work environment, the need for cybersecurity experts grew exponentially. At Mindquest, as IT talents experts, we know the importance of getting the right contact to stay up-to-date and always match the top candidate for the best IT positions.

Therefore, take note of the 10 best cybersecurity experts in the Netherlands to follow online.

Chantal Stekelenburg 

LinkedIn | Twitter 

Chantal is head of Hackers at continuous security platform Zerocopter and also a co-founder and organiser of the Netherlands’ Women In Cybersecurity Community Association.

Oscar Koeroo 

LinkedIn | Twitter 

Oscar is currently leveraging his expertise as a Docent at Security Academy, where he imparts knowledge on Applied Cryptography.  

Sanne Maasakkers 

LinkedIn | Twitter 

Sanne has recently joined Mandiant, now a part of Google Cloud, as a Senior Analyst. In this role, Sanne brings her expertise in cybersecurity to the forefront, contributing to Mandiant’s mission of providing cutting-edge security solutions.

Astrid Oosenbrug 

LinkedIn | Twitter

Astrid is currently serving as the Corporate Social Responsibility Officer at ESET Nederland. In this role, she focuses on measuring the impact of the organization’s activities on society and the environment, promoting transparency and ethical behavior to contribute to sustainable development. 

Floor Terra 

LinkedIn | Twitter  

Floor is a senior privacy advisor at data protection services Privacy Company. He also specialises in high-impact projects combining technological and organisational solutions.


Joost Schellevis 

LinkedIn | Twitter

Joost is a tech editor at Dutch news organisation NOS. He writes about security and privacy issues and also reports on the country’s latest cybersecurity news. 

Marjolijn Bonthuis 

LinkedIn | Twitter  

Marjolijn is deputy director at ECP, a public-private platform for the development of the information society. She is also the winner of Women in Cyber Security (WiCS)’s 2016 Woman of the Year Award. 

Lodewijk van Zwieten 

LinkedIn | Twitter 

Lodewijk is a senior public prosecutor at the Dutch Public Prosecution Service specialising in combating cybercrime. He is also part of the supervisory board at the DIVD.

Anna van der Leeuw 

LinkedIn | Twitter 

Anna is a privacy law expert at firm Allen & Overy, where she focuses on European Union regulations around ICT & Telecom, data protection and cybersecurity.

Rickey Gevers 

LinkedIn | Twitter 

Last but not least, Rickey works as Incident Responder at Responders.NU. Founded with the mission to elevate Incident Response to new heights, the company breaks away from traditional approaches to deliver unparalleled expertise and service.