We recently published a blog post about a pragmatic way to use RBAC for GDPR compliancy: The first step would be to check and validate which roles contain entitlements with GDPR relevant data. The second step is to check and verify which persons have this type of roles. by: André Koot and Victor SantAnna
In planning cybersecurity, it is critical to start the planning from the actual threats and the company’s business operations. Thus, it is possible to direct the investments made in cyber defense at the areas critical for the business and at the real threats these are exposed to.
Last week (16th to 20th of April) was all about Internet of Things here in the Nordics. Our journey started from the Nordic IoT Week 2018 event in Finland where many of the industry leaders in the area gathered to discuss and exchange ideas. We followed up with the Nordic StrategyForum event focusing on IoT in Sweden.
No technology has quite had the impact on society and business than that of AI as of late. It's becoming increasingly hard to find a domain where AI isn't either actively used or at least being researched. Naturally, for us security people, AI is both a tool and a new type of threat landscape.
This is the 4th part of our blog series "Things that security auditors will nag about and why you shouldn't ignore them". In these articles, Nixu's security consultants explain issues that often come up when assessing the security of web applications, platforms and other computer systems.