Enhancing your security with open-source tools With cybersecurity gaining increased attention in Italy, it has emerged as the top priority for digital investment among businesses in 2023. Notably, both large enterprises and SMEs recognize the significance of robust cybersecurity measures. Recent data reveals that a staggering 61% of organisations with over 250 employees have chosen to boost their cybersecurity budgets in the past year. Moreover, the Italian cybersecurity market is projected to witness remarkable growth, reaching a value of 1.
Cybersecurity challenges in Greek companies – Study by EY Greece and Microsoft ΕΥ Greece and Microsoft have carried out a study on the challenges concerning cybersecurity in Greece. The study attempts, for the first time in the Greek market, to thoroughly analyse the current national and European legal and regulatory framework of cybersecurity. European regulations, such as NIS, NIS II and CERD, the main legal acts on cybersecurity in Greece (4577/2018, 4961/2022), their field of practice and the next steps for the compliance of the Greek companies with those, are presented in the study.
Συμμετοχή της ΔΕΥΑΛ στην 3η συνάντηση του Ευρωπαϊκού Προγράμματος CS-AWARE-Next στην πόλη Caltagirone της Κατάνια
Συμμετοχή της ΔΕΥΑΛ στην 3η συνάντηση του Ευρωπαϊκού Προγράμματος CS-AWARE-Next στην πόλη Caltagirone της Κατάνια https://www.deyal.gr/el/enimerwsi/nea-anakoinwseis/item/3058-symmetoxi-tis-deval-stin-3i-synantisi-tou-evropaikoy-programmatos-cs-aware-next-stin-poli-caltagirone-tis-katania
NIS2 – Key Challenges on the Horizon About ten years ago the proposal of the original NIS-Directive was introduced into our lives. It was the first cybersecurity act in the EU, creating a new baseline for cybersecurity. Unfortunately the effects of the original NIS weren’t as good as initially hoped. Its objectives of increasing the level of security of network and information systems across the union were hindered by problems regarding different levels of resilience among member states, insufficient resilience of individual organisations, and ineffective oversight by government authorities.
Data-driven cybersecurity The availability of a large amount of data facilitates the spreading of a data-driven culture in which data are used and analyzed to support decision-making. This is also true for the cybersecurity environment in which the increasing number of threats appearing over time and related public data caused a “paradigm shift in understanding and defending against the evolving cyber attacks, from primarily reactive detection toward proactive prediction”. Conventional data analysis approaches cannot address the complexity of the new threats and the velocity with which they are generated and spread throughout the Internet: more flexible and efficient mechanisms are needed.
Cyberattack in Thessaloniki Five years ago the security of the digital infrastructures of the organisations was not even an object of discussion. Most though of security as a store room with a lock on the outside, a back-up external drive, that usually remained connected on the server, and an antivirus that in most of the cases was a free one. It comes without saying that file sharing policies, back-up check in portable devices, active directory, firewall, certified connection of the users in the internet, GDPR, website access restrictions and in everything that we today consider digital security.
Users are not stupid This article from Julie Haney of NIST deals with some of the misconceptions and pitfalls that cyber security professionals fall victim to. These pitfalls reflect a tendency in the cyber security community “to focus and depend on technology to solve today’s security problems while at the same time failing to appreciate the human element: the individual and social factors affecting security adoption.” To appreciate the importance of the human element in cyber security, Haney suggests it would be best to understand the concepts of usability and usable cyber security.
Why old school thinking? For many years, a report from Govloop in the US writes, government agencies have applied a “hodgepodge of cyber-security strategies” to counter both internal and external risks. Many relied on firewalls to manage external activity and potential threats. In the end, the Govloop authors conclude that Legacy firewalls tend to be more concerned with activity attempting to penetrate their perimeter defenses and do not monitor internal activities within the local network.
Greece’s new Cybersecurity Bill A bill on cyber security, telecommunication privacy issues and personal data has been submitted to the Greek parliament. In particular, the bill aims at “ensuring the necessary balance between privacy protection and national security, within the constitutional frame and in the foundation of the best international policies.” Additionally, the bill strengthens the “citizen’s rights against the threats that are connected to the technological evolution”. The bill in question deals with issues of counter surveillance with the use of right tools, the foundation of Information Academy and counterintelligence and the setting of a stricter privacy frame.
CS-Connect first steps! As you may remember, one of the many exciting outcomes of CS-AWARE-NEXT is the collaboration platform that has been baptized CS-Connect in the Wien meeting! CS-Connect is a collaboration layer for the ecosystem, aimed to support the organisations in their activities toward improved security. We have collected the requirements and are now deciding what is the current basis for the development and overcoming different technological challenges. We have selected several Open Collaboration Platforms (CPs) to study and evaluate.