EU Cyber Resilience Act: What Enterprise Software Vendors Must Change
The EU Cyber Resilience Act mandates significant shifts in how enterprise software is designed, developed, and maintained, moving beyond a reactive security…
Defense-in-depth for state registries: security beyond the perimeter
Protecting national-scale state registries requires a defense-in-depth strategy that extends beyond traditional perimeter security, focusing on data integrity, granular access control, and…
Threat Modeling for Document Workflow Systems: STRIDE in Practice
Securing enterprise document workflow systems requires a structured approach to identifying vulnerabilities. This article explores applying the STRIDE threat modeling framework to…
Data protection in ERP systems: role-based access and control
Unauthorized access to data in an ERP system can lead to significant financial and reputational losses. Let's explore how an effective role-based…
Hybrid cloud for government institutions: benefits and limitations
Government institutions face a unique challenge: how to modernize IT infrastructure leveraging cloud technologies without compromising security and sensitive data storage requirements?…
Electronic document flow in public procurement
Transitioning to electronic document flow in public procurement simplifies interaction with Prozorro and optimizes internal processes, but requires a systematic approach to…
Data protection in hybrid infrastructure
Companies migrating sensitive data to the cloud often face uncontrolled information spread beyond the perimeter. This creates new challenges for DLP systems,…
Offboarding failures that compromise company cybersecurity
Improper termination of employment can turn a former employee into a potential threat, undermining a company's cybersecurity. The absence of a clear…
IT project risk management: Softline methodology and practice
Sometimes, even the most well-thought-out IT project plan can be derailed by unforeseen circumstances. Softline shares its experience and approaches to effective…
Offboarding is the weakest link in cybersecurity
Improper offboarding can lead to data breaches, unauthorized access, and other cybersecurity incidents. Let's explore why this process is often overlooked and…