Dan Tofan

GDPR vs. security operations. What you need to know when performing cyber security operations.

  You must have surely heard a thing or two about GDPR. It’s short for General Data Protection Regulation, being EU’s latest regulation as regards privacy and data protection. It has entered into force on the 25th of May 2018. There’s a whole bunch of articles out there, surely you must have opened at least […]

Read more

Can AI really help your business?

  Short comprehensive guide on current status and what you need to know in order to properly adopt AI in your company.   What exactly is AI?! Artificial Intelligence (AI) is the most compelling buzzword in tech. Just ignoring all of the alleged disruption that AI started to have upon everything, might seem like you […]

Read more

Why technology cannot be developed only by engineers. Harari vs. Zuckerberg on the social impact of technology.

  Last week I was surprised to discover an engaging debate between Yuval Noah Harari (YNH) and Mark Zuckerberg (MZ), on the future of technology. I highly recommend the talk. It will give layman and tech people alike hints on current issues and future projections on technology development and its impact upon society as well […]

Read more

Newsletter 26 – May 02, 2019

Some interesting stuff that I found online:     SECURITY: “Hidden backdoors” into Huawei’s equipment – https://www.bloomberg.com/news/articles/2019-04-30/vodafone-found-hidden-backdoors-in-huawei-equipment https://www.theregister.co.uk/2019/04/30/huawei_enterprise_router_backdoor_is_telnet/ Lessons learned from Maersk after NotPetya- https://www.zdnet.com/article/ransomware-the-key-lesson-maersk-learned-from-battling-the-notpetya-attack/   Good point of view on what is “reasonable security” – https://www.csoonline.com/article/3390150/what-is-reasonable-security-and-how-to-meet-the-requirement.amp.html ENISA’s human behavioral aspects of cyber security – https://www.enisa.europa.eu/publications/cybersecurity-culture-guidelines-behavioural-aspects-of-cybersecurity/ Top 25 women leaders in cyber security – https://www.thesoftwarereport.com/top-25-women-leaders-in-cybersecurity-of-2019/ […]

Read more

Newsletter 25 – April 25, 2019

Some interesting stuff that I found online:   SECURITY: Interesting case involving Fortinet – https://www.cyberscoop.com/fortinet-legal-settlement-china-us-military/ EC decides there is no evidence Kaspersky is malicious – http://www.scmagazine.com/home/security-news/european-commission-no-evidence-kaspersky-software-is-malicious/ TajMahal, a sophisticated APT – https://securelist.com/project-tajmahal/90240/ Apparently, there is proof that Huawei was funded by Chinese state  – https://www.forbes.com/sites/zakdoffman/2019/04/20/cia-offers-proof-huawei-has-been-funded-by-chinas-military-and-intelligence/#57b368377208 Stuxnet, goes as far as 2005 actually – https://www.darkreading.com/threat-intelligence/stuxnet-family-tree-grows/d/d-id/1334511   […]

Read more

Newsletter 24 – April 19, 2019

Some interesting stuff that I found online:   SECURITY: Some of my thoughts on the future of cyber security – https://medium.com/@tofandan/how-about-the-future-of-cyber-security-ec1515a206c7 Interesting developments in the cyber insurance market – https://www.nytimes.com/2019/04/15/technology/cyberinsurance-notpetya-attack.html Top cyber security influencers to follow on social media – https://blog.appknox.com/top-cybersecurity-influencers/     Next steps for Julian Assange – https://www.politico.com/newsletters/morning-cybersecurity/2019/04/12/whats-next-for-julian-assange-581816   SOCIAL: A quick pick […]

Read more

Newsletter 23 – April 10, 2019

Some interesting stuff that I found online:   SECURITY: Some of my thoughts on the future of cyber security – https://medium.com/@tofandan/how-about-the-future-of-cyber-security-ec1515a206c7 Key takeaways from the EU Cyber Security Forum – https://cybersecforum.eu/en/brussels/2019-takeaways/?mc_cid=4fd730efcc&mc_eid=3fb0bc48fe 38 mil. Euros available from EC for cyber security projects – https://ec.europa.eu/info/news/eu38-million-available-digital-security-research-projects-2019-mar-14_en   A little something on cyber security staff retention policies – https://www.helpnetsecurity.com/2019/03/04/cybersecurity-staff-retention-tactics/ […]

Read more

How about the future of cyber security?

  A simple online search for “cyber security predictions” will reveal a tremendous number of results. Everybody feels confident enough that they can predict the future in this area. But to what good, if human predictions are no better than “chimps randomly throwing darts at the possible outcomes”. Are we even near close to what […]

Read more

Newsletter 22 – February 28, 2019

Some interesting stuff that I found online:   SECURITY: Top 5 Cybersecurity Economic Reports for 2019 – https://www.linkedin.com/pulse/top-5-cybersecurity-reports-2019-quick-reference-guide-steve-morgan/ “There is an ongoing and significant risk to key parts of the Domain Name System (DNS) infrastructure” – https://www.icann.org/news/announcement-2019-02-22-en ESTI standard on IoT security – https://www.etsi.org/newsroom/press-releases/1549-2019-02-etsi-releases-first-globally-applicable-standard-for-consumer-iot-security CrowdStrike 2018 Global Threat Report – https://www.crowdstrike.com/resources/reports/2018-crowdstrike-global-threat-report-blurring-the-lines-between-statecraft-and-tradecraft/ Senior cyber professionals burnout […]

Read more

Newsletter 21 – February 12, 2019

Some interesting stuff that I found online: SECURITY: Why is it so difficult to cooperate in cyber security – https://medium.com/@tofandan/what-does-it-take-to-cooperate-in-cyber-security-3921e9c0eece Dell Secureworks list of security predictions for 2019 – https://www.secureworks.com/blog/what-to-expect-in-cybersecurity-for-2019 ENISA publishes a tool that supports developers to build secure mobile applications – https://www.enisa.europa.eu/news/enisa-news/better-security-measures-for-smartphones-enisa-has-created-a-smashing-new-tool Russia’s tests on how the country can survive without access to […]

Read more