Shouts RSS Reader Login

Log in or Sign up to add your own shouts or comment on those from others. It is all free!

Your RSS feeds are served

RSS Collections

Securing media stored in cloud storage buckets against unauthorised access

Fri, 12 Jul 2019 04:40:27 +0000: Avoid exposing sensitive data in public cloud storage buckets (S3, GCS, etc). Here's one way to secure buckets on the application level.

CCSK Domain 5: Information governance

Tue, 02 Jul 2019 09:34:01 +0000: Cloud computing puts different requirements on information governance than on-premise processing and storage. Read how to take the shared responsibility model into account for governance based on the data security lifecycle model.

CCSK Domain 4 – Compliance and Audit Management

Sat, 29 Jun 2019 22:10:01 +0000: Cloud compliance management: key aspects of maintaining compliance throughout a shared responsibility model when using cloud architectures.

Creating a simple RSS reader with Python

Sat, 22 Jun 2019 05:27:31 +0000: I’ve tried to find a simple web based RSS reader but don’t really like any of the most popular ones. Too many ads, too much flashy graphics, and limits on number of feeds without paying. So, I started uilding one. This is work in progress, and is currently almost featureless. You can add private and […]

Localization in Vue 2.0 single file components without using an i18n library

Sun, 16 Jun 2019 22:02:43 +0000: This post is a quick note on localization. Recently I needed to add some localization features to a frontend project running Vue 2.0. Why not just use an i18n package? That would probably have been a good thing to do, but those I found either had confusing documentation, a high number of old unresolved issues […]

CCSK Domain 3: Legal and contractual issues

Fri, 14 Jun 2019 12:24:22 +0000: This is a relatively long post. Specific areas covered: Legal issues Cloud service agreements (contracts) Third-party access to documents stored in the cloud (e-discovery) 3.1 Overview 3.1.1 Legal frameworks governing data protection and privacy Conflicting requirements in different jurisdictions, and sometimes within the same jurisdiction. Legal requirements may vary according to Location of cloud provider […]

CCSK Domain 2: Governance and Enterprise Risk Management

Thu, 23 May 2019 22:01:41 +0000: CCSK domain 2 is about risk management and governance. In this post we look at some of the CSA guidance descriptions and also comment on more practical aspects of governance when moving to cloud computing.

CCSK Domain 1: Cloud Computing Concepts and Architecture

Sun, 19 May 2019 20:43:49 +0000: Recently I participated in a one-day class on the contents required for the “Certificate of Cloud Security Knowledge” held by Peter HJ van Eijk in Trondheim as part of the conference Sikkerhet og Sårbarhet 2019 (translates from Norwegian to: Security and Vulnerability 2019). The one-day workshop was interesting and the instructor was good at creating […]

How to reduce cybersecurity risks for stores, shops and small businesses

Mon, 06 May 2019 17:07:05 +0000: Crime in general is moving online, and with that the digital risks for all businesses are increasing, including for traditional physical stores – as well as eCommerce sites. This blog post is a quick summary of some risks that are growing quickly and what shop owners can do to better control them. Top 10 Cybersecurity […]

Running an automated security audit using Burp Professional

Mon, 18 Mar 2019 21:17:51 +0000: Reading about hacking in the news can make it seem like anyone can just point a tool at any website and completely take it over. This is not really the case, as hacking, whether automated or manual, requires vulnerabilities. A well-known tool for security professionals working with web applications is Burp from Portswigger. This is […]

How to optimize management of GDPR data subject access requests

Sun, 14 Jul 2019 20:37:40 +0000: Managing requests from persons whose data you process is a key aspect of GDPR compliance. Learn more about how to optimize managing and responding to user requests in this practical workflow post.

Privacy isn’t about secrecy, it is about human rights

Sat, 06 Jul 2019 22:07:15 +0000: Do you value privacy? Most individuals and companies would reply with a clear “Yes!” to that simple question but their actions are often not very well aligned with that expressed attitude. What are the legal privacy rights we have as individuals? Before we consider whether ee actually do value privacy, let’s review what rights the … Continue reading Privacy isn’t about secrecy, it is about human rights

How to prepare for ransomware attacks

Thu, 27 Jun 2019 10:38:02 +0000: Cybehave's June security note is on #ransomware - how to prepare to avoid paying criminals to get your data back

Multiple new features

Mon, 24 Jun 2019 21:45:25 +0000: Bringing new features to RiskTool, PrivacyBox and PhishingBot - and one more thing - our IssueTool is now available to customers too: issue tracking the way it should work!

Create an awareness training plan that works

Mon, 17 Jun 2019 21:01:33 +0000: Learn how to plan a role based and effective cybersecurity awareness program - and get a free planning template.

Norway: Cybehave to deliver security advisory in national health sector ICT modernization project

Tue, 21 May 2019 21:30:37 +0000: Cybehave will be a subcontractor to Webstep in new eHealth development project with a potential value up to 80 million NOK and a duration of 4 years. Cybehave will provide advisory services within security architecture and threat modeling.

What should you do when your company gets hacked?

Sat, 18 May 2019 20:45:45 +0000: What should you do when you get hacked? This post helps you understand how you should prepare and what your action plan should be focused on to minimize business impact and getting back to normal quickly.

Demo: see how easy it is for hackers to get remote access to your computer

Tue, 14 May 2019 23:04:13 +0000: A blog post showing how easy it can be to create malware that lets a hacker get access to your computer - whether you are running Windows, Linux or a Mac.

Designing our way out of reach of social engineers

Wed, 08 May 2019 21:11:16 +0000: The problem with the "dangerous link" is often not that we do not know that links may be dangerous. Our goal when using a computer is not to verify that links are safe (unless you work in cybersecurity, perhaps) - it is to get something done. Can designers help make that safer?

GDPR fine to 5-star movement data processor in Italy over technical security blunders

Wed, 01 May 2019 19:04:40 +0000: Italian regulator gives first GDPR fine - over poor cybersecurity practices at the website of the 5-star movement. Good information security management is a requirement for GDPR compliance.