No Image

NIS2: 2.Designate a responsible person or team

We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the second step in implementing NIS2 requirements is to designate a responsible person or team. Appointing an individual or a team responsible for overseeing the implementation of the NIS2 directive within your company is critical to ensure its success. NIS2 implementation and compliance is a project, and as any project must have a dedicated team that is actively working on its implementation. Due to the fact that the the NIS2 requirements are demanding a continuous activity, there must be a continuity of the project after its implementation. This means that there has to be a team appointed to this project that is responsible for continuously monitoring and adapting the activities required for NIS2 compliance. To effectively manage these challenges, companies should establish a new dedicated team or name an existing team to be responsible for cybersecurity and compliance. In this article, we will explore the reasons behind the need for such a team and identify existing teams within a company that could take on these vital responsibilities. Cyber threats are constantly evolving, becoming more sophisticated and persistent. From data breaches and ransomware attacks to regulatory changes, companies are exposed to a multitude of risks that can…

Read More

NIS2: 1. Perform a gap analysis

We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the first step in implementing NIS2 requirements is to perform a gap analysis.   The most critical part when performing a gap analysis is to define upfront against which standard or security framework are you comparing the existing situation. It is usual when performing a gap analysis of security maturity to compare against ISO 27000 standard, the ISO 27001 in particular. Performing a gap analysis on the security stance of a company following ISO 27001 involves comparing its current security measures and practices against the requirements specified in the ISO 27001 standard. This analysis helps identify areas where the company’s security posture aligns with the standard (compliance) and areas where there are gaps or deficiencies (non-compliance). Here’s a technical breakdown of the process:   Familiarize with ISO 27001 Understand the ISO 27001 standard and its security requirements. This includes studying the Annex A controls, which represent a comprehensive set of security best practices. Define the Scope Determine the scope of the analysis, starting with which areas of the organization’s security management system (SMS) will be assessed, such as specific departments, processes, assets, or locations. Then focus on which parts of the company’s operations will be…


No Image

How-To: NIS2 EU Directive

The NIS2 Directive is a European Union legislative text on cybersecurity that supersedes the first NIS (Network and Information Security) Directive, adopted in July 2016. NIS vs. NIS2 While the first NIS (Network and Information Security) Directive increased the Member States’ cybersecurity capabilities, its implementation proved difficult, resulting in fragmentation at different levels across the internal market. To respond to the growing threats posed with digitalisation and the surge in cyber-attacks, the Commission has submitted a proposal to replace the NIS Directive and thereby strengthen the security requirements, address the security of supply chains, streamline reporting obligations, and introduce more stringent supervisory measures and stricter enforcement requirements, including harmonised sanctions across the EU. NIS2 strengthens security requirements in the EU by expanding the NIS scope to more sectors and entities, taking into account the security of supply chains, streamlining reporting obligations, introducing monitoring measures, introducing more stringent enforcement requirements, adding the concept of “management bodies” accountability within companies, and harmonizing and tightening sanctions in all Member States. To achieve the above mentioned goals, NIS2 requires member states to take a number of measures that forces them to work together: Establish or improve information sharing between member states and a common incident…


Executive summary: NIS2 Directive for the EU members

  The NIS 2 Directive is a set of cybersecurity guidelines and requirements established by the European Union (EU) . It replaces and repeals the NIS Directive (Directive 2016/1148/EC) . The full name of the directive is “Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive)” . The NIS 2 Directive aims to improve cybersecurity risk management and introduce reporting obligations across sectors such as energy, transport, health, and digital infrastructure . It provides legal measures to boost the overall level of cybersecurity in the EU . The directive covers a larger share of the economy and society by including more sectors, which means that more entities are obliged to take measures to increase their level of cybersecurity . The management bodies of essential and important entities must approve the cybersecurity risk-management measures taken by those entities, oversee its implementation, and can be held liable for infringements . Who is affected? The NIS 2 Directive significantly expands the sectors and type of critical entities falling under its scope….


Implementing secure over-the-air (OTA) updates in embedded devices

This is a follow up article related to Secure Booting and Secure Flashing. It is the 5th article related to Strengthening the Security of Embedded Devices Implementing secure over-the-air (OTA) updates in embedded devices requires careful consideration of various security aspects. Here are some key steps to implement secure OTA updates: 1. Secure Communication Channel – Use secure protocols such as HTTPS or MQTT over TLS/SSL to establish an encrypted communication channel between the device and the update server. – Authenticate the server using certificates to ensure the device is communicating with a trusted source. – Employ strong encryption algorithms to protect the confidentiality and integrity of the update data during transmission. 2. Code and Firmware Integrity – Digitally sign the firmware updates using a private key and verify the signature using a corresponding public key on the device. – Implement mechanisms such as checksums or hash functions to verify the integrity of the received update files. – Use secure boot techniques to ensure that only trusted and authenticated firmware updates are installed on the device. 3. Access Control and Authorization – Authenticate and authorize the device before allowing it to download and install updates. – Implement access control mechanisms…


The Importance of Secure Flashing for Embedded Devices and Secure Implementation Practices

This is the third article in the series about embedded devices security, started with Strengthening the Security of Embedded Devices The second article was Secure Booting for Embedded Devices: Safeguarding Systems from Intrusions In this article, we will explore the importance of secure flashing for embedded devices and discuss best practices for implementing secure firmware updates. Secure flashing refers to the process of updating or replacing firmware on an embedded device in a secure and reliable manner. Firmware is the software code that runs directly on the hardware of the embedded device, controlling its functionality and behavior. Secure flashing ensures that firmware updates are performed in a way that minimizes the risk of unauthorized access, tampering, or corruption. Secure flashing involves implementing a set of security measures and practices to ensure the integrity, authenticity, and confidentiality of the firmware during the update process. These devices often rely on firmware updates to enhance functionality, address vulnerabilities, and ensure optimal performance. However, the process of flashing firmware onto embedded devices can introduce security risks if not handled properly.   Significance of Secure Flashing Vulnerability Mitigation Firmware updates often address security vulnerabilities discovered in embedded devices. Secure flashing ensures that these updates are…


Secure Booting for Embedded Devices: Safeguarding Systems from Intrusions

This is the second article in the series about embedded devices security, started with Strengthening the Security of Embedded Devices Embedded devices are specialized computing systems designed to perform specific tasks or functions within a larger system. Unlike general-purpose computers, embedded devices are typically integrated into other devices or systems and are dedicated to carrying out a specific set of functions. They are often characterized by their compact size, low power consumption, and optimized performance for their intended application. No  wonder that embedded devices are becoming increasingly prevalent, powering a wide range of applications such as IoT devices, industrial control systems, and automotive systems. With their growing ubiquity, ensuring the security of these embedded devices has become a critical concern. Secure booting is a fundamental security mechanism designed to protect embedded devices from unauthorized access and tampering, playing a vital role in maintaining the integrity of the system. This article explores the concept of secure booting for embedded devices and highlights its significance in enhancing overall security. Understanding Secure Booting Secure booting is a security feature that establishes a chain of trust during the booting process of a computer and embedded devices. It ensures that only trusted and verified software…


Strengthening the Security of Embedded Devices

Embedded devices are specialized computing systems designed to perform specific tasks or functions within a larger system. Unlike general-purpose computers, embedded devices are typically integrated into other devices or systems and are dedicated to carrying out a specific set of functions. They are often characterized by their compact size, low power consumption, and optimized performance for their intended application. Embedded devices can be found in various domains and industries, including consumer electronics, automotive, healthcare, industrial automation, telecommunications, and IoT (Internet of Things). Examples of embedded devices include: Smartphones and tablets: These devices integrate multiple functionalities such as communication, multimedia, and internet access into a portable form factor. Home appliances: Devices like refrigerators, washing machines, and thermostats may contain embedded systems that control their operations and offer smart features. Industrial control systems: Embedded devices are widely used in manufacturing plants and industrial environments to monitor and control processes, machinery, and equipment. Automotive systems: Embedded devices are essential components in modern vehicles, managing functions such as engine control, entertainment systems, safety features, and navigation. Medical devices: Embedded systems are utilized in various medical equipment, such as patient monitoring devices, implantable devices, and diagnostic tools. IoT devices: These are interconnected devices that gather,…


How to Configure the Most Secure Settings for Microsoft Defender

This article is entirely written by Bing AI client integrated in Skype.   Q: write an article describing most secure settings of Microsoft Defender A: Microsoft Defender is a comprehensive security solution that protects your Windows devices from various threats, such as malware, ransomware, phishing, and more. Microsoft Defender includes several features and settings that you can customize to enhance your security and privacy. In this article, we will show you how to configure the most secure settings for Microsoft Defender, based on the recommendations from Microsoft and other sources.   Enable Real-Time Protection and Cloud-Delivered Protection Real-time protection is a feature that scans your files and programs in real-time and blocks any malicious activity. Cloud-delivered protection is a feature that uses Microsoft’s cloud-based intelligence to detect and respond to new and emerging threats. To enable these features, follow these steps: • Open Windows Security by selecting Start > Settings > Update & Security > Windows Security or by clicking the shield icon in the taskbar. • Select Virus & threat protection. • Under Virus & threat protection settings, select Manage settings. • Turn on the following options: Real-time protection, Cloud-delivered protection, Automatic sample submission, and Tamper protection https://support.microsoft.com/en-us/windows/stay-protected-with-windows-security-2ae0363d-0ada-c064-8b56-6a39afb6a963.  …


The Importance of Implementing an Information Security Management System (ISMS)

In today’s interconnected and data-driven business landscape, information has become one of the most valuable assets for companies. As organizations rely heavily on technology and digital platforms, protecting sensitive data from threats has become a critical concern. This is where an Information Security Management System (ISMS) plays a pivotal role. In this article, we will explore why it is essential for companies to have an ISMS and how it can help safeguard their information assets. Definitions An ISMS, or Information Security Management System, is a systematic approach to managing an organization’s information security processes, policies, and controls. It is a framework that provides a structured and holistic approach to protect the confidentiality, integrity, and availability of sensitive information assets within an organization. The primary objective of an ISMS is to establish a set of coordinated security practices that align with the organization’s overall business goals and risk management strategies. It involves defining and implementing policies, procedures, guidelines, and controls to manage the security of information assets effectively. Key components of an ISMS typically include: Risk Assessment: Identifying and assessing potential risks and vulnerabilities to the organization’s information assets, including data breaches, unauthorized access, and system failures. Security Policies: Developing comprehensive…


%d bloggers like this: