(1) AWS: Remove (or do not generate) root account access keys

To access Amazon Web Services (AWS), an access key is required to verify your identity and the identity of your applications. An access key consists of an access key ID and a secret access key. Anyone with the access key for your root account has unrestricted access to all of your account.

Read More

The Cyber Essentials scheme has been developed by Government and industry to fulfil two functions. It provides a clear statement of the basic controls all organisations should implement to mitigate the risk from common internet based threats, within the context of the Government’s 10 Steps to Cyber Security. Read More

Simple controls your company can implement today to stay protected tomorrow!

Cyber Security and Data Protection can be overwhelming. There is an enormous amount of advice on the Internet, but it is quite difficult to know how to get to started.

At CyberSmart believe that Cyber Security should be accessible and easy for everyone. Therefore we have compiled a series of actionable steps to help you protect your data. Each week we focus on one control, provide some background information and answer common questions. Read More

Simple controls your company can implement today to stay protected tomorrow!

Cyber Security and Data Protection can be overwhelming. There is an enormous amount of advice on the Internet, but it is quite difficult to know how to get to started.

At CyberSmart believe that Cyber Security should be accessible and easy for everyone. Therefore we have compiled a series of actionable steps to help you protect your data. Each week we focus on one control, provide some background information and answer common questions. Read More

With the latest media attention on cyber security incidents and data breaches, I hope you agree with me when I say that we are past discussing the importance of data protection and cyber security. If you still think cyber security is not relevant for start-ups and SMBs, come back next week and let me convince you that it truly matters.

Picture this: a pig, covered in fluffy fur, that lays eggs and gives milk. In German, this is called “eierlegende Wollmilchsau” which is vaguely translated to “Jack of all trades” in English. Unfortunately, I have seen this being advertised in the cyber security sector as well.
Read More

Case studies around the effectiveness of Cyber Essential Controls

The Cyber Essentials scheme was developed by the UK Government. The scheme provides a clear statement of the basic controls all organisations should implement to mitigate the risk from common Internet-based threats. The Government believes that implementing these measures can significantly reduce an organisation’s vulnerability. Many companies, however, do not implement these controls, and in the past, this has led to serious security breaches.

Read More