It’s the eleventh hour | Corporate security in times of pandemic and war

Within just 3 years, the world has changed rapidly. A pandemic that not only drove digitization with incredible force, but also made it a requirement from one day to the next. Employees in home offices, uncertainty in securing data, an overburdened corporate IT, limited capacities and a lack of know-how are just some of the reasons for the digitization challenges that gripped companies.

New solutions were introduced, but often somewhat strategically and mindlessly, and without the necessary protection against cyberattacks. As a result, cyberattacks on businesses increased at a rate of 125% (2021 compared to 2020) and often crippled everything. Cybersecurity has been included in the top 5 risks to our global community by the World Economic Forum in 2021. Also, recent high-profile cyberattacks have put cybersecurity at the top of the agenda for key decision makers in organizations and countries.

War follows pandemic

At the beginning of the year, some saw some light at the end of the digitization effort until the next big crisis hits. The Russian war of aggression on Ukraine, a human and economic catastrophe that once again exposes the Achilles heel of European companies. Russia is threatening to use cyber-attacks as a weapon, and critical infrastructure companies in particular (electricity, water, gas, etc.) are under severe threat.

It’s really the eleventh hour. e2 Security is the partner at your side when it comes to protection against cyber-attacks, technology trends (Big Data, IoT, Robotics (automation of processes), Cloud, Artificial Intelligence, etc.) as well as new business concepts in the area of digitalization such as automation & design of business processes, Future of Work, multisupplier strategies or Omnichannel Logisitcs, to name a few examples.

Effectively and quickly we create transparency, identify vulnerabilities and threats, prioritize and secure your company immediately and cost-efficiently against security gaps. We support your employees in in individual, personalized training courses on topics such as user awareness, phishing and data protection. SMEs in particular often have a hard time recruiting employees with the right know-how. On the website of the German Federal Office for Information Security, you will find initial tips that will help and that we will be happy to implement with you. Further IT projects, such as the creation of IT security strategies and roadmaps, security transformation and consulting, or company-specific IT network analysis taking into account IT network segmentation, round off our portfolio for your security. Get in contact with us!

HTTP Verb Tampering

When testing web applications for security flaws, the applications’ handling of different HTTP request methods – also known as verbs – should be considered.Usually, interactions between clients and servers utilize the HTTP methods GET or POST for accessing resources.

Digital transformation requires a solid cyber security

During and after my studies of business administration I worked in different areas and companies. Most recently, almost 5 years in the corporate development/strategy of a semiconductor company with a big focus on automotive applications. During my master’s studies, I mainly focused on entrepreneurship, innovation management and digital topics. That’s why I wrote my master thesis about digital business models. Since August this year I’m working as a consultant in the areas of cyber security and digital transformation and to be honest I’ve more questions than answers after the first weeks.

Phishing: These are the most popular tricks

For criminals and fraudsters, personal data of Internet users is always very desirable. In many cases it allows access to credit cards, bank or online accounts.

Phishing, i.e. obtaining other people’s personal data using fake e-mails or websites, is a popular method of doing this. The following is an overview of the most common methods:

Clickjacking

What is Clickjacking?
Clickjacking takes place when a fraudster sets up an overlaid website interface and steals clicks on that fake website to then use it on a real site. Users come across these illegal overlays by chance and assume that after filling in a field, clicking a link, or entering their passwords, they’ll get access to what they see in front of them.

What is KRITIS and who does it affect? 

In Germany, special regulations apply to operators of critical infrastructures under the Federal Office for Information Security / Bundesamt für Sicherheit in der Informationstechnik (BSI) Act. But who counts as an operator and when are infrastructures classified as critical?

Hard Coded Credentials for Dummies

Hard Coded Credentials for Dummies

or

How to not unknowingly, accidently and unconsciously reveal all your passwords and secrets to bad people

Credentials or passwords are the integral part of online and software world. In the simplest example they are the key protecting your “online house” such as Instagram, Facebook, email, etc.

Who is Hacker’s favorite?

How well is my company positioned when it comes to cybersecurity? Are we way ahead of the game or do we have one foot in a major security hole… these are questions that IT managers often ask themselves. New screenings provide some surprising answers.

The case for flat networks

Flat is trendy.  Flat rates, flat hierarchies, flat iron steaks and even a flat earth, but a flat network?  That is a real no-go nowadays and already for a long time.  Anyone in the business of enterprise network design knows by that a flat network design is just begging for trouble at many levels and layers.

Safety First! Cybersecurity in times of Corona

For more than a year now, more people worldwide have been working from home offices than ever before. 

The digitalization of the home has been turbo-charged, but the digital connection to companies has often been more poor than good, primarily in a hurry, so that everyone can continue to work and earn money quickly. But those which cobble together hurriedly open the door to danger from the web.

SolarWinds – The comprehensive review

In early 2019, hackers secretly broke into Texas-based SolarWind’s systems and added malicious code into the company’s software system. The system, called “Orion,” is widely used by companies to manage critical IT resources.