Vulnerabilities in digital systems

As work becomes increasingly digitized, threats also increase.

Nowadays it is not a matter of whether an attacker comes in with lesser intentions, but it is sec a matter of time, when and how long it visits and for what purpose.

Whereas before it was mainly a disruption, the position of the attacker has changed to a profit model.

We help clients be resilient with, and aware of, cyber threats.

Phishing and ransomeware via email, too-simple password use, unsecured access to files on Googe Drive or Microsoft Onedrive, the Internet -called the cloud-, your website, access to networks with online work, single sign-in, smart devices -IoT-, can have both positive and negative effects, but are often accompanied by significant ongoing costs.

It often happens that systems are built without consulting IT stakeholders. For employees, systems become rigid and unloved, making compliance with security second-rate. A good example of this is a minister, who uses private 

e-mail for work purposes.

Personal data and AVG

The General Data Protection Regulation, or AVG for short, gives private individuals more privacy rights.

Companies, institutions, in fact all organizations that have anything to do with processing data must set up their systems in such a way that rights are protected in a general sense.

In Europe, the AVG applies to natural persons. Processing special personal data, such as health, is prohibited unless the processor bases its purpose on a legal basis.

Data about organizations and legal entities and individuals among us, are not covered by the AVG, as is, sometimes, the preference of public interest vs privacy in the case of a professional. For example, when an inclusion of data, or links to, in a results list appears to be strictly necessary, to protect the right to freedom of information. (ECLI:NL:HR:2022:329)The AVG applies in Europe to natural persons. Processing special personal data, such as health, is prohibited unless the processor bases its purpose on a legal basis..

We can help you map out what data your organization processes and wants to reuse, for your legitimate purpose.

Understanding digital risks

Forgotten configurations, open ports, open test systems, inactive security features, default passwords or unapplied patches for hardware systems, and, of course, your Web site's open login, occur frequently. 

According to research on the "cloud 

(or Internet-based rental services of software applications),

most security incidents (hacking) and data breaches occur because of misconfigured cloud databases. Some examples include SocialArks, T-Mobile, Kaseja, Ubiquiti.

Password cloud databases also get hacked, allowing your data to be used elsewhere.

Password cloud databases also get hacked, allowing your data to be used elsewhere.

Ultimately, such cases could have been prevented if sufficient measures had been taken. After all, it's about awareness of an existing risk but also the responsibility of people to respond to it.

Want to know what steps you could take to better protect your organization? If so, please contact us.