The Cyber ​​Security Specialists Who Know About Mitts

Business network security is an important subject that many CIO spend on the necessary hours. For many companies, cybersecurity is also an area that receives too little attention. The Dutch company NFIR has recently integrated industry peer True-xs Cyber Security from The Hague and is now a Dutch organization that controls many aspects of the cyber security profession. Reason for an in-depth discussion with Arwi van der Sluijs, who was the founder of True-xs in 2016 and has been active in the world of cybersecurity since 2006.

NFIR (Dutch Forensic Incident Response) is experiencing a major growth spurt and the broadening of the scope was appropriate. Industry peers True-xs was a valuable addition and thus an even more powerful player emerged in the Dutch security market. Arwi van der Sluijs, the general director and co-founder of True-xs, is convinced of the strength of the newly formed organization: “Perhaps the greatest strength of our organization is that we are completely Dutch. NFIR is completely Dutch and only has to deal with Dutch laws and regulations. “

‘If a pentester hits patient records within 15 minutes, then it’s wrong’

It seems subordinate, but essential to cybersecurity is cryptography. Documents that are managed are encrypted. The Dutch government then entrusts state secret information to environments where foreign powers may have access through a back door. You should not want that as a company. It has already caused a boom in the market in the past. Access to environments via backdoors is a problem throughout the industry.

The American security service demands support for this in products from American manufacturers and therefore refuses Chinese infrastructure on the American market. It is and will remain a topic that concerns the mood.

NFIR built on different pillars

Arwi van der Sluis:

NFIR rests on solid pillars: the group of companies that NFIR is part of is a total of 300 FTEs. True-xs introduced the knowledge and specializes in the field of cybersecurity, Intermax the knowledge and infrastructure for cloud environments and Legian is the secondment branch that has access to a large range of IT specialists.

With these components, an organization has been built that is particularly sound in terms of knowledge and scalability. With every cybersecurity problem, one can offer the helping hand. Van der Sluijs: “We are the digital fire brigade and have forensic researchers. In the event of incidents, our digital forensic researchers can carry out thorough research, whether or not supported by a judicial mandate.

For example, is an employee suspected of stealing trade secrets and a competitor makes use of it, then we have the permit to be able to investigate this. Companies that think internal data is stolen give our forensic researchers access to their own infrastructure after which the search starts. If it has been proven that data has indeed been stolen and there is a strong suspicion that the competitor makes use of it, we can be given the mandate through the judiciary to have our forensic investigators also investigate at the competitor.

After all, it is a punishable economic crime to use stolen data/knowledge. Files, log files, e-mail boxes and other tracks can then be investigated by NFIR’s forensic investigators to confirm abuse or to identify abuse. ” give our forensic researchers access to their own infrastructure after which the search starts. If it has been proven that data has indeed been stolen and there is a strong suspicion that the competitor makes use of it, we can be given the mandate through the judiciary to have our forensic investigators also investigate at the competitor.

After all, it is a punishable economic crime to use stolen data/knowledge. Files, log files, e-mail boxes and other tracks can then be investigated by NFIR’s forensic investigators to confirm abuse or to identify abuse. ” give our forensic researchers access to their own infrastructure after which the search starts. If it has been proven that data has indeed been stolen and there is a strong suspicion that the competitor makes use of it, we can be given the mandate through the judiciary to have our forensic investigators also investigate at the competitor.

After all, it is a punishable economic crime to use stolen data/knowledge. Files, log files, e-mail boxes and other tracks can then be investigated by NFIR’s forensic investigators to confirm abuse or to identify abuse. ” then we can be given the mandate through the judiciary to have our forensic investigators also investigate with the competitor. After all, it is a punishable economic crime to use stolen data/knowledge.

Files, log files, e-mail boxes, and other tracks can then be investigated by NFIR’s forensic investigators to confirm abuse or to identify abuse. ” then we can be given the mandate through the judiciary to have our forensic investigators also investigate with the competitor. After all, it is a punishable economic crime to use stolen data/knowledge. Files, log files, e-mail boxes and other tracks can then be investigated by NFIR’s forensic investigators to confirm abuse or to identify abuse. “

‘NFIR is completely Dutch and only has to deal with Dutch laws and regulations’

Pentest as a preventive measure:

A pen test (penetration test) is a widely used technique to test the safety of an environment (company network, website, etc.). Healthcare institutions and web shops use it frequently. Certainly, at healthcare institutions (where there is a constant need to pay strict attention to the costs due to the tight budget), such a test is relevant.

Academic hospitals generally have better security, especially the smaller healthcare institutions that require extra attention. Due to the nature of the company, the healthcare organization is reasonably open and visitors can easily access the network from access points rather than in a company. Van der Sluijs: “If you come across a patient file with a pen test within 15 minutes, then the clear improvement is needed.”

An annual pentest is therefore not a luxury. At web stores, it is the way to test whether the processes behind the webshop are in order. The SME managed services are increasingly taking off. It is precise with this pen test that the quality of such a service can be tested. Given the costs – most pent costs between 5 and 50k – it is the slightly larger SMEs and the government that can afford this approach.

Leave a Reply

Your email address will not be published. Required fields are marked *