Blog
Informative, up-to-date and exciting – the Oneconsult Cybersecurity Blog.

Cybersecurity Blog

Browse through exciting articles, current news and helpful tips & tricks from our experts on all aspects of cybersecurity.

header-das-informationssicherheitsgesetz-isg-des-bundes-schweiz

Overview of the Federal Information Security Act

With the Information Security Act* (Informationssicherheitsgesetz, ISG) coming into force on January 1, 2024, new standards for securing information and infrastructure were set in Switzerland. The law brings comprehensive innovation in the field of cybersecurity and strengthens the security of information and infrastructure at various levels, as well as cyber resilience in general. The ISG applies to both government authorities and private companies that are significant for the security of the federation. A particular focus is on operators of critical infrastructure. This article provides an overview of the main changes and requirements that the ISG brings.

MORE
social engineering_schutz und praevention

Social Engineering – Risks and Prevention for Businesses

It is estimated that companies worldwide suffer billions worth of damages each year due to social engineering attacks. In response to the significant advancements made by companies in strengthening their technical defenses against cyberattacks in recent years, attackers are seeking new methods to gain unauthorized access to networks and obtain data. In essence, this is not a new phenomenon, but rather a shift back to the traditional methods used by attackers.

MORE
Social Engineering_Einfuehrung_Methoden

Social Engineering: Introduction and Techniques

The advent of the internet, along with the concurrent increase in computer processing power, ushered in the digital age for businesses. This technological progress, however, also gave rise to new threats in cyberspace, which presented significant challenges for companies. Consequently, there was a tendency to prioritize the hardening of the information infrastructure, with the “old” threats largely being relegated to the background.

MORE
tabletop üebungen-so schuetzen sie ihre firma

Tabletop Exercises: Ransomware Attack Simulation

Tabletop exercises allow organizations to test and improve their crisis management capabilities in a safe environment. Realistic scenarios are played out, allowing participants to refine their response strategies to potential security incidents and identify weaknesses in their existing processes.

MORE
cyberattacken-so-schuetzen-sie-ihre-firma-vor-hackern

Cyberattacks: How to Protect Your Company From Hackers

There has been a dramatic increase in the number of cyberattacks in recent years, affecting both companies and private individuals alike. Phishing emails and other attacks have become more or less an everyday reality at work. Ransomware attacks have a particularly high potential to cause severe damage – which is why they receive a lot of media attention.

MORE
How To Protect Against Ransomware

How To Protect Against Ransomware: Effective Tips for Companies

Over the past few years, ransomware has become a serious threat to businesses that can cause significant damage. The financial impact of ransomware attacks is enormous – in addition to the cost of business interruption, organizations that fall victim to such an attack must also pay for the analysis and recovery of affected systems and data, as well as, in some cases, ransom demands.

MORE
Ransomware Detection and Prevention

Ransomware: Detection and Prevention

Ransomware represents one of the most significant and pervasive cyberthreats today. What originated as a relatively rudimentary blackmail tool has evolved into a highly sophisticated and organized criminal industry. Businesses and private individuals worldwide are confronted with this growing threat due to its relentless and indiscriminate nature.

MORE
Incident Response Readiness Assesment für Unternehmen

Be Prepared for Emergencies: Incident Response Readiness Assessment for Your Organization

The importance of having a high level of cyber resilience is increasing exponentially these days as cyberattacks become more complex and frequent. Cyber resilience is the ability of a company to maintain business operations in the event of a cyberattack and to return to normal state as quickly as possible. This requires both preventive measures to avoid cyberattacks and strategies for rapid response and recovery in the event of a successful attack.

MORE
Tabletop Exercises

Tabletop Exercises: Putting Your Crisis Management to the Test

The prevalence of cyberattacks has increased markedly in recent years, becoming a common occurrence in the contemporary business environment. The vast majority of us utilize information technology tools, are connected to networks, and benefit greatly from this connectivity. Nevertheless, an increasing number of companies are coming to recognize that malicious actors are also exploiting this networking and the resulting dependence on digital resources to their advantage. Ransomware attacks for example have become part of the everyday problems faced by many organizations.

MORE
Nutzen von Red Teaming

Red Teaming: What Are the Benefits and Who Is It Useful For?

In an increasingly complex and dynamic world, it is essential for organizations to continually review and improve their security and defense strategies. One of the most effective ways to uncover vulnerabilities and build resilience is through red teaming. But what exactly is red teaming? And for what types of organizations is it best suited?

MORE
der-einfache-einstieg-in-das-thema-conditional-access-policies

An Introduction to Conditional Access Policies

Many businesses today rely on Microsoft 365 services. As these services become more popular, they also become more likely targets for hackers. Experience shows that there are still organizations that have not secured their Microsoft Cloud clients. Therefore, organizations should take protective measures against cyberattacks – Conditional Access policies are one such measure. This article provides an overview of how Conditional Access policies work.

MORE
Phishing in Unternehmen

Response to Phishing Attacks in Companies

In the digital world, companies are constantly exposed to new threats. Phishing attacks are among the most insidious forms of such threats, as what looks like a simple click on an email can have devastating consequences – from financial loss to data breach.

MORE
Schwachstellenanalyse mit MITRE ATT&CK

Vulnerability Analysis With MITRE ATT&CK

The non-profit organization MITRE has been documenting Tactics, Techniques and Procedures (TTPs) used by known Advanced Persistent Threats (ATPs) since 2013. The result is the MITRE ATT&CK® Framework. ATT&CK stands for “Adversarial Tactics, Techniques & Common Knowledge”.

MORE
Incident Response Plan Red Flags

The 7 Red Flags When Creating an Incident Response Plan

A well-thought-out incident response plan (IRP) can prepare your organization for an emergency and enable you to respond to incidents in a more structured, efficient and comprehensive manner. An incident response plan provides a structured approach to handling cyber incidents and serves as a guide for each phase of the incident response process. This increases your incident response readiness.

MORE
Unterscheidung zwischen Operational Technology (OT) und Information Technology (IT)

Distinction between Operational Technology and Information Technology

What would you expect power plants, production facilities and transportation companies to have in common? They all use Operational Technology (OT) in sometimes highly critical infrastructures to control industrial systems. Examples include production lines, robot systems and machines, to name just a few.

MORE
Schnell und eifach den richtigen Passwortmanager finden

Quick and Easy Guide to Finding the Right Password Manager

In an increasingly digital world where the security of corporate data is a top priority, every organization faces the challenge of protecting sensitive information from cyber threats. We are all familiar with the dilemma of having to remember long and complex passwords.

MORE

Don’t miss anything! Subscribe to our free newsletter.

Your security is our top priority – our specialists provide you with professional support.

Availability Monday to Friday 8:00 a.m. – 6:00 p.m (exception: customers with SLA – please call the 24/7 IRR emergency number).

Private individuals please contact your trusted IT service provider or the local police station.

For more information about our DFIR services here:

QR_CSIRT_2022_EN@2x
Add CSIRT to contacts