Secura

🔒 Curious how secure your IoT devices really are? Join us for a live demo of our Hacker Playhouse at the upcoming Deltics Event. In this live session, our security specialist Jasper N. will reveal the tactics cybercriminals use to target connected devices. It’s an inside look at IoT security that you won’t want to miss. Thank you to Deltics for inviting us to showcase the Hacker Playhouse and share the cybersecurity insights we gain through our daily work. 📅 Event details: Deltics Event, November 12 2024 📍 Location: Arnhem, The Netherlands

Become Domain Admin in 5 minutes 🛡️ It may sound shocking, but Active Directory (AD) misconfigurations can make this possible. AD is the backbone of many organizations’ IT environments, but even small missteps in configuration can expose your organization to significant risks. In our latest article Security Specialist 💻Thomas Oldengarm explores common AD misconfigurations that attackers exploit to become domain admin before Dutch lunchtime. 🔗 Read the full article here: https://lnkd.in/e2RRSRpz   #cybersecurity #activedirectory  

#Cybersecurity | Digital technologies like automated signaling systems (CBTC, ERTMS), predictive maintenance, and remote monitoring have transformed railway operations, making them more efficient and connected than ever. As railways become increasingly essential to daily mobility and sustainable future, robust cybersecurity measures are crucial for keeping operations running efficiently and without disruption. Bureau Veritas is here to help! We offer cybersecurity services that support the railway sector in strengthening defenses and meeting regulatory requirements. Explore our infographic below to learn more about how we are helping to secure the future of rail transportation. Secura #ShapingaWorldofTrust #Railway

🟢 NEWS: The Cyber Resilience Act (CRA) for Digital Products has been adopted: What does it mean for your business?   The European Parliament and Council have officially adopted the Cyber Resilience Act (#CRA), the first EU-wide law focused on enhancing the security of digital products. This regulation represents a major step in strengthening #cybersecurity across the EU for products with digital components.   The regulation will take effect over the next 21-36 months, giving manufacturers, importers, and distributors time to ensure their products comply with the new requirements.   Imagine you are a manufacturer of smart thermostats or security cameras. Your products now fall under this new regulation, bringing significant obligations. You’ll need to meet strict cybersecurity requirements from design to end-of-life, including risk assessments, vulnerability management processes, and technical documentation for CE marking.   Here’s how our services could support you: ✅ Determining whether your products are within the scope of the CRA. ✅ Conducting a cybersecurity risk assessment. ✅ Assisting in classifying your products as "important" or "critical" under the CRA, which requires stricter conformity assessments. ✅ Interpreting the regulation’s requirements. ✅ Guiding you through the preparation of technical documentation and setting up vulnerability management and reporting processes. ✅ Ensuring CE marking and compliance throughout the product life-cycle, including timely vulnerability patching.   The CRA presents both challenges and opportunities. We can help you stay compliant, secure your digital products, and avoid penalties and reputational damage.   For more information on how we can assist you in preparing for the Cyber Resilience Act, contact Raluca Viziteu, Cybersecurity Consultant at Secura/Bureau Veritas Group.

🔍 Happy World Mole Day! We do realize this day is about Avogadro or atoms— but we’d like to put forward a different kind of mole.   Today, we’re excited to launch our "Spot the Mole" game, designed to challenge your team's awareness of physical social engineering through an immersive simulation. With this experience, your organization can raise the cyber resilience of your team.   The game is easy. One of our social engineers visits your offices and your staff competes to expose the mole: spot, address, check, and win!   If you want to know more about the "Spot the Mole" game, please contact Lucas van der Heide. 

Heading to Cybersec Netherlands on November 6th and 7th? Secura will be at the HSD pavilion, contributing alongside other HSD partners to strengthen the Netherlands' cyber resilience. Stop by and discover how we’re working together for a safer digital future.

Is uw gemeente klaar voor de uitdagingen van OT cybersecurity beveiliging? Graag nodigen we u uit voor ons webinar over het versterken van OT-beveiliging binnen gemeenten op 31 oktober. Dit webinar is gebaseerd op het recente onderzoek "Beveiliging van Operationele Technologieën (OT) door gemeenten," uitgevoerd in opdracht van de VNG. Het onderzoek benadrukt het belang van een sterke OT-beveiliging voor essentiële infrastructuren zoals verkeersregelinstallaties, brugbesturingen, rioolpompen en cameranetwerken. Senior OT Security Experts Willem Westerhof en Bram Blaauwendraad Blauwendraad van Secura delen tijdens het webinar praktische oplossingen en relevante frameworks, zoals #NIS2 en #BIO2. Hiermee kan uw gemeente de OT-beveiliging versterken. Met concrete tips helpt dit webinar u om direct actie te ondernemen en de veiligheid van uw OT-infrastructuur te verbeteren. Meld u nu aan en neem een stap richting een veilige toekomst voor uw gemeente. Datum: Donderdag 31 oktober 2024 Tijd: 11:00 - 11:45 👉 Meer informatie en aanmelding: https://lnkd.in/ef_PG4M5 Ook als u er niet bij kunt zijn, kunt u zich registreren. U ontvangt dan na afloop de opname van het webinar.

October 17, 2024 marks a major milestone for #cybersecurity in Europe. TODAY is the official deadline for EU countries to implement local laws based on the #NIS2 Directive. NIS2 is the second European Network and Informations Systems directive. It aims to improve the cyber resilience of critical and important companies and organizations in Europe. However, not every country will meet the deadline. As reported in DIGITALEUROPE’s NIS2 Transposition Overview (https://lnkd.in/ee3ZY9wK), each country is progressing at its own pace, with some nations still in the process of finalizing their NIS2 legislation. 🟢 Countries with Adopted NIS2 Laws: - Belgium: Adopted on May 17, 2024. - Hungary: Partial compliance through the Cybersecurity Certification and Supervision Act; full law expected by September 2024. - Lithuania: Adopted in July 2024. - Croatia: In effect since February 15, 2024. 🟠 Countries with Draft Laws in Progress: - Germany: Expected to take effect in early 2025. - Sweden: Anticipated effective date of January 1, 2025. - Netherlands: Projected implementation by 1 July 2025. - Poland: Aiming for timely compliance, though the timeline is ambitious. - Finland: Expected to meet the October 18, 2024 deadline. - Italy, Latvia, Czech Republic, Austria, Denmark, Luxembourg, Slovenia, Cyprus, and Slovakia are also progressing with draft legislation. 🟠 Countries Awaiting Draft Legislation: - France and Romania are actively preparing drafts. - Ireland plans to include NIS2 in its National Cyber Security Bill. - Greece aims to meet the October deadline, though the draft is not yet published. - Estonia anticipates publishing its draft by the end of August 2024. 🔴 Countries without Draft Legislation: - Spain - Malta - Bulgaria - Portugal These varied timelines may lead to some regulatory differences across borders, but collectively, they represent a stronger, safer digital Europe. How far is your company or organization with implementing NIS2? If you are wondering whether NIS2 applies to you, or if you need support with NIS2, check out our NIS2 page: https://lnkd.in/eNHHcDSH It’s time to strengthen your cybersecurity posture. Source image: NIS2 transposition overview, DigitalEurope.

We would like to thank everyone who joined our webinar on the latest #CommonCriteria updates EUCC and CC:2022, and how they impact your products. The broadcast was tailored to ICT vendors, Common Criteria evaluators, cybersecurity professionals, and anyone responsible for product security and compliance. The recording is now available as a webinar on demand. 👉 Watch the REPLAY here: https://lnkd.in/efAfDPXr In this engaging session, Cansu Yener, Senior Certification Specialist, and Kerem Kemaneci, Senior Cybersecurity Consultant, both working at Secura/Bureau Veritas Group explain all the important parts of the Common Criteria updates. They share how these changes affect product certification and what steps you need to take to ensure compliance. Looking for more information on our Common Criteria Services? Visit our Common Criteria page on our website. You can also download an implementation guide here: 👉 More Information: https://lnkd.in/eK3UsSkD #EUCC #CC2022 #CommonCriteria

Is your organization fully aware of its FIDO2 passkey security in Azure? While FIDO2 passkeys offer a strong, passwordless authentication solution, there’s a hidden risk every organization should be aware of. Our senior security specialist Max Rozendaal explores a crucial attack path in this latest article, highlighting how Microsoft’s Graph API for provisioning FIDO2 passkeys could potentially lead to the take-over of accounts with high-level privileges. If one application in your Azure tenant has been granted the permission to provision passkeys, your whole environment is at risk for compromise.   👉 Read the article now and strengthen your defenses. https://lnkd.in/e7MPusp5