Our Blog
Dark Web Monitoring
The dark web is the part of the internet that is only accessible through a specialized web browser. It enables criminals and other users who require a high degree of anonymity to transact business and communicate with far less risk. Some use the dark web to evade government censorship, but it’s also a breeding ground for illegal activity. As more companies are targeted by data breaches, their data is often sold to the highest bidder on marketplaces or shared in forums. It is in the...
The Three Lines of Defense model and its challenges
In one of our latest blog post, we gave an overview of how the Three-Lines-of-Defense (3LoD) model can be used risk management (The Three Lines of Defense model). This post addresses the challenges of the model and how it can be improved. Criticism and Problems The organizational structure is changing to more agile and technology-driven solutions, which increase company efficiencies and complexities. Hence risk management frameworks need to keep up with the speed of this development. Often,...
Information Security
We live in the digital world, and information technology is an essential part of our health, happiness, and livfes and even has more importance for our business. For example, information security plays a significant role in medical equipment used in hospitals, banking transactions, traveling on the newest cars, security systems in the homes, smartphones, and smart devices in the current human experience every day. Therefore, with the rise of information technology, cyberattacks have also...
The Three Lines of Defense model
As the risk of being targeted by cyberattacks is steadily increasing, prevention and defense against them are mandatory in every organization. The origin of the three lines of defense model as a concept to holistically manage risks lies in the financial sector and regulators and consultants often recommend it. Thus, many organizations in the financial industry around the globe started following this approach. The model aims at providing efficient and effective risk management, not just...
How to perform efficient Threat Analysis and Risk Assessments
Due to digitalization, the number of cyberattacks will inevitably increase worldwide, as the possible attack vectors that a potential hacker can exploit increase proportionally to the increasing connectivity of systems. The consequence of this is that the system needs for cybersecurity and data protection increases to protect from these threats. There is never a guarantee of preventing a threat in cybersecurity and data protection, but there is a clear goal to minimize cybersecurity risks....
Digital Security & Privacy Marketing Strategy – Best Practices
Due to the increasing awareness of cybersecurity and privacy matters in the consumer market, these topics are becoming more relevant. Companies like Apple make consumer data protection their selling point. Therefore, companies must advertise their digital security and privacy strategy to (possible) customers. For this matter, we at Ginkgo Cybersecurity collected the best practices to improve the marketing strategy for digital security and privacy. Figure 1: A Security & Privacy Marketing...
How Log Aggregation & Monitoring Solutions can improve Cybersecurity and close security gaps in an organization
The explosive data growth in recent years causes companies to lose track of the information coming in and out of business. Businesses worldwide report that at least half of their company data is dark data, i.e., untapped, unused, or completely unknown. This situation leads to serious security gaps where companies can become victims of cyber-attacks. SIEM (Security Information and Event Management) can perform log aggregation & monitoring, such as the market leader in the field Splunk. The...
How cyber-insurance and security architecture can safeguard an organization from cyber-attacks
In the age of digitization, more and more companies are falling victim to cyber-attacks. It estimates that two in every three companies were affected by cyber-attacks. Although, cyber-attacks have long since ceased to be the only target of large corporations, attackers are increasingly targeting small companies. This is precisely why cybersecurity has become extremely important in companies. In particular, securing privileged user accounts and critical systems are on the agenda of many...
The consequences of the GDPR are still underestimated; really painful fines are imposed regularly.
Compliance with the provisions of the GDPR has been binding since May 2018. It seemed that the draconian penalties threatened for violations would not be pronounced in practice in the first months and years. That has changed in the last few months. The possible liability of at least € 20 million or 4% of the global group turnover, whichever is more extensive, has not yet been exhausted, but 8-digit penalties have been overtaken several times during the year. The H&M online shop's operating...
How UNECE WP.29 and ISO/SAE 21434 will contribute to the development of secure vehicles.
In July 2020, the World Forum for the Harmonization of Vehicle Regulations (UNECE WP.29) released the framework for the first legally binding specification in the field of cybersecurity for the automotive industry. The European Union and many other legislators will convert this bill into applicable law. The consequence in the European Union's case is that the requirements outlined therein will bind new vehicle types from 2022 and all new vehicles from 2024 on. This is the first time that there...
Want to get Secure?
Contact