Over admin

Matthijs is director bij PwC’s Forensic Technology Solutions. Zijn specialismen zijn threat intelligence en incident response. Daarnaast creëert hij cybersecurity awareness bij bedrijven door het inzetten van de Game of Threats die door PwC is ontwikkeld. Naast zijn werkzaamheden bij PwC is hij gastdocent aan de Erasmus Universiteit bij de opleiding IT Audit & Advisory en vrijwilliger bij het Rode Kruis (Nationale Noodhulp). Matthijs heeft meer dan vijftien jaar praktische en strategische cybersecurity-ervaring, onder andere in zijn rol als Corporate Security Officer bij een internationale beursgenoteerde onderneming.

Wat is NIS2?

In de steeds digitaler wordende wereld is cybersecurity ontzettend belangrijk [...]

Door |2024-08-26T12:11:15+00:00juni 24, 2024|Uncategorized|Reacties uitgeschakeld voor Wat is NIS2?

What Digital Leaders can learn from peers and utilize an incident

Last week’s uproar on the Microsoft Azures database (Cosmos bug) hit the boardroom. A lot of major companies use Microsoft Cloud, so Azure customers were in for a rough surprise. Wiz's Chief Technology Officer Ami Luttwak (his company found the vulnerability) describes it as “the worst cloud vulnerability you can imagine.” 

Bloomberg says Microsoft warned thousands of its cloud computing customers, including some of the world’s largest companies, that intruders could have the ability to read, change or even delete their main databases. In this blog, I don’t describe the incident or ‘chase the ambulance.’ I give my personal take on other industry experience and elaborate on what I would do if I were a Chief Information Security Officer of a global pharmaceutical company using Azure and if the CEO asks me “What the hack happened and what do we need to do?”..

Door |2024-06-12T06:49:40+00:00september 6, 2021|Article, Artikel, Engels, Nederlands|Reacties uitgeschakeld voor What Digital Leaders can learn from peers and utilize an incident

Account takeover prevention: techniques and data quality

In recent years, credential stuffing attacks have been on the rise. Cyber criminals take over accounts with username and password combinations that were stolen at third parties.

The goal of Account TakeOver (‘ATO’) prevention services is to prevent unauthorized access to your accounts. There are several types of techniques that can be used to implement ATO prevention services. The characteristics of the techniques varies widely. Furthermore the data quality of an ATO prevention service has a great effect on the effectiveness and efficiency of the service. In this article we will take a closer look at both the used techniques and data quality.

Door |2024-07-25T13:22:43+00:00januari 18, 2021|Article, Artikel, Engels, Nederlands|Reacties uitgeschakeld voor Account takeover prevention: techniques and data quality

Is Digital Security a market for lemons?

Although information security has a long history, it wasn’t really top of mind of senior management, Board or other employees until late 2010s. A “security professional” became a real job and market demand has grown ever since. Awareness about security risks increased significantly. The thriving forces for this were major security breaches such as Snowden, NotPetja and WannaCry shocking the world, but also regulators demanding companies to protect their critical assets, including non-tangible ones such as data. As a result of this, we can now state it has the Boards attention by default. 

Door |2024-02-17T10:15:27+00:00november 17, 2020|Article, Artikel, Engels, Nederlands|Reacties uitgeschakeld voor Is Digital Security a market for lemons?

Why account takeover prevention is important to protect against credential stuffing

Every year thousands of data breaches occur, as we can read in the daily news. The root causes of the breaches range from organizational issues to technical flaws. A new category of attacks emerged a few years ago: ‘credential stuffing’. According to F5, ‘credential stuffing and brute force attacks have been the biggest threats for financial services recently, and the trend shows no sign of slowing’. According to Akamai, ‘hackers have targeted the gaming industry by carrying out 12 billion credential stuffing attacks against gaming websites within the 17-month period analyzed’. Nowadays credential stuffing attacks are considered among the top digital threats. But what exactly is credential stuffing?

Door |2024-09-30T11:25:46+00:00oktober 2, 2020|Article, Artikel, Engels, Nederlands|Reacties uitgeschakeld voor Why account takeover prevention is important to protect against credential stuffing

Digital risks to business, what do they cost?

Analyzing Business Information Security for a data breach use case

In a digital business world that is highly distributed via an eco-system, ensuring your digital assurance becomes vital. Everything needs to continuously work and Confidentially, Integrity and Auditability have to be assured, especially when your business is regulated and should demonstrate to be “in control”. Nevertheless, how do we do that when business models are under fire by hackers?.. 

Door |2024-02-17T10:19:42+00:00augustus 27, 2020|Article, Artikel, Engels, Nederlands|Reacties uitgeschakeld voor Digital risks to business, what do they cost?
Ga naar de bovenkant