Nowadays, organisations, ranging from banks and government agencies to SMEs, depend heavily on the management of risks in order to preserve their existence, operation and profitability. This appears to be undeniable since risks exist in various forms, such as information security, compliance, reputational and outsourcing risks. If those risks are not identified, assessed and mitigated [...]

Who is to blame if your facilities are attacked via network connections? Spring 2017 a global ransomware attack, WannaCry Ransomware, got lot of attention hitting companies, organizations and individual persons. Estimations of its impact were varying but numbers revealed claim that it infected more than 230,000+ computers in 150 countries. A shocking part of the [...]

Working in Vienna for a couple to days this week to plan for the second iteration of the analysis of the pilot scenarios. The second iteration will create and validate the representation of the dependency analysis using the PROTOS-MATINE GraphingWiki. Chris Wills CARIS Research Ltd.

Some will argue the perspective that human nature is complex by default. Behaviour is a state which can be influenced by numerous factors such as experience, emotions, family and friends, regulations, personal life and the list goes on. Therefore, a question arises: how can we control human behaviour in information security? Everything is a matter [...]

New technologies are increasing our attack surface: Machine Learning, devices of the Internet of Things and Blockchain pervade the current technological context. Today there are opportunities unthinkable until a few years ago that open up new innovative scenarios. The downside is that we must confront an increasingly aggressive and sophisticated cybernetic threat.Training on new technologies [...]

I think I ‘met’ first time the term ‘framework’ in my first years of my professional ‘career’. Anything that was too vague to be of immediate practical use, too general to be regarded as a methodology (or a method), something that might be offering insights to different perspectives (or ‘planes’) of a problem, something that [...]

The most demanding challenge for cyber security in the digital transformation of enterprises, public institutions and citizens is nowadays represented by the  integration of different systems, which must work together to offer new services and open new market channels. Indeed, the focus is shifting from the internet of things (ioT)  and the internet of [...]

A report done by PwC in 2014 in cooperation with BBA (British Banking Association) highlights very interesting aspects and challenges of the financial and banking industry that are highly relevant for our CS-AWARE project: Malicious actors identified •       Hacktivists – looking to provoke maximum disruption and embarrassment o       Favoured techniques: SQL injection [...]

The final CS-AWARE solution is a combination of a generalized model of interconnected technologies, the framework, and their individualised implementation at a local public administration (LPA). In Software Architecture Design frameworks build the foundation for such structures of components, as Pree (1994) states frameworks are 'reusable semi-finished architectures for various application domains'. While the main [...]

The value of a good user interface is indisputable: with a good user interface, all features and functionality are supported; with a ‘bad’ or a ‘poor’ one, the users will ignore your product and will punish you to stay off market.I remember how Donald Norman’s book on ‘The Design of Everyday Things’ that I read [...]