SECURITYSQUAD

Blog & Insights

Expertise, trends and practice from the world of information security.

Cyber threats in 2026: what companies should prepare for now

Cyber threats in 2026: what companies should prepare for now

AI-driven phishing, supply-chain attacks, multi-stage extortion: the key threats for 2026 – and the pragmatic measures that actually help.

Read more
Managed SIEM: why attack detection isn't a luxury for large enterprises

Managed SIEM: why attack detection isn't a luxury for large enterprises

Attacks often go unnoticed for weeks. How a managed SIEM gives mid-sized companies continuous monitoring, too – without their own SOC.

Read more
Cyber Risk Check per DIN SPEC 27076: a status report in three hours

Cyber Risk Check per DIN SPEC 27076: a status report in three hours

The official entry point into structured information security – fast, clear and BSI-compliant.

Read more
Cloud security: the most common misconfigurations in Microsoft 365

Cloud security: the most common misconfigurations in Microsoft 365

It's not the cloud that's insecure, but its configuration. The typical pitfalls in Microsoft 365 and Azure – and how to defuse them with little effort.

Read more
NIS2: What mid-sized companies need to know now

NIS2: What mid-sized companies need to know now

The NIS2 directive extends cybersecurity obligations to many more companies. Who is affected – and what steps matter now?

Read more
Phishing and the human factor: why awareness beats any firewall

Phishing and the human factor: why awareness beats any firewall

Most attacks start with a click. Why technology alone isn't enough, and how to turn your staff into the most effective line of defence.

Read more
Ransomware: prepare, detect, and act when it counts

Ransomware: prepare, detect, and act when it counts

Few attacks hit companies harder than ransomware. How to reduce the risk, spot an incident early and survive the worst case – without paying.

Read more
ISO 27001 based on IT-Grundschutz: the path to certification

ISO 27001 based on IT-Grundschutz: the path to certification

Why the BSI variant of ISO 27001 is more than a seal – and what the road to certification looks like in practice, without drowning in paperwork.

Read more
Penetration testing: find the weak spots before someone else does

Penetration testing: find the weak spots before someone else does

A pen test shows in black and white how far an attacker could get in your systems. What happens during one, how it differs from a vulnerability scan, and when it pays off.

Read more
Zero Trust: from buzzword to workable strategy

Zero Trust: from buzzword to workable strategy

"Never trust, always verify" sounds like a huge overhaul. How mid-sized companies can approach Zero Trust in manageable steps – without changing everything at once.

Read more