Expertise, trends and practice from the world of information security.
AI-driven phishing, supply-chain attacks, multi-stage extortion: the key threats for 2026 – and the pragmatic measures that actually help.
Attacks often go unnoticed for weeks. How a managed SIEM gives mid-sized companies continuous monitoring, too – without their own SOC.
The official entry point into structured information security – fast, clear and BSI-compliant.
It's not the cloud that's insecure, but its configuration. The typical pitfalls in Microsoft 365 and Azure – and how to defuse them with little effort.
The NIS2 directive extends cybersecurity obligations to many more companies. Who is affected – and what steps matter now?
Most attacks start with a click. Why technology alone isn't enough, and how to turn your staff into the most effective line of defence.
Few attacks hit companies harder than ransomware. How to reduce the risk, spot an incident early and survive the worst case – without paying.
Why the BSI variant of ISO 27001 is more than a seal – and what the road to certification looks like in practice, without drowning in paperwork.
A pen test shows in black and white how far an attacker could get in your systems. What happens during one, how it differs from a vulnerability scan, and when it pays off.
"Never trust, always verify" sounds like a huge overhaul. How mid-sized companies can approach Zero Trust in manageable steps – without changing everything at once.