Endpoint Cybersecurity GmbH
- Implementing ISO 27001:2022 Annex A.18 – Compliance
- Maping NIS2 requirements to the ISO 27001:2022 framework
- Implementing ISO 27001:2022 Annex A.17 – Information Security Aspects of Business Continuity Management
- Implementing ISO 27001:2022 Annex A.16 – Information Security Incident Management
- Executive summary: NIS2 Directive for the EU members (updated)
- NIS-2: 10 common misconceptions about the regulation
- Implementing ISO 27001:2022 Annex A.15 – Supplier Relationships
- Understanding ISO 27001:2022 Annex A.14 – System Acquisition, Development, and Maintenance
- Understanding ISO 27001:2022 Annex A.13 – Communications Security
- Understanding ISO 27001:2022 Annex A.12 – Operations Security
Securing the Secure: The Importance of Secure Software Practices in Security Software Development
/in EducationalIn an increasingly interconnected digital world, the importance of secure software cannot be overstated. Many people think that by using security software all their digital assets become automatically secured. However, it is crucial to recognize that security software itself is not inherently secure by default. To ensure the highest level of protection, security software must […]
The Automotive industry’s inadequate approach towards software (in the cars)
/in EducationalIntroduction The automotive industry has witnessed a paradigm shift with the increasing integration of software in vehicles. Modern cars are no longer just mechanical devices with a motor, wheels and steering; they are now sophisticated machines having dozens of CPUs (called ECU), entire computers, high speed network to connect them (called CAN-bus) and relying on […]
ChatGPT and automotive cybersecurity #2/2: TISAX certification
/in EducationalThis is the 2nd post about Automotive Cybersecurity. Since I am working these days on CSMS (based on ISO ECE 21434 and TISAX), part of my companies consulting offer for automotive I thought maybe I check what ChatGPT things about them. First post was about CSMS and ISO 21434 and this one is about […]
ChatGPT and automotive cybersecurity #1/2: About CSMS from ISO 21434
/in EducationalAs promised, I played more with ChatGPT and this time I started to dig a bit into cybersecurity for automotive. Since I am working these days on CSMS (based on ISO ECE 21434 and TISAX), part of my companies consulting offer for automotive I thought maybe I check what ChatGPT things about them. Unfortunately, nothing […]
A brief history of software vulnerabilities in vehicles (Update 2023)
/in EducationalUpdated in 2023: 2023: Sam Curry: Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More Kia, Honda, Infiniti, Nissan, Acura Fully remote lock, unlock, engine start, engine stop, precision locate, flash headlights, and honk vehicles using only the VIN number Fully remote account takeover and PII disclosure via VIN […]