Cyber4Z is happy to celebrate its fifth anniversary!

Cyber4Z was founded in 2015 by Rob Mellegers and Mathé Grippeling. Matthijs Nelissen has also joined as co-owner two years ago. In the meantime, we have managed to achieve great things! Here is an overview of the last five years.

We have grown considerably in five years and have been able to achieve this with our own resources. We are also active internationally, where we have been able to create a number of successful partnerships that have proved successful for all parties. And that is important, because in these turbulent times we need each other more than usual and it is important that we not only keep success within ourselves, but share it with our strategic partners. We have successfully completed a large number of certifications and not only ISO27001, but also TISAX and BIO installations. For example, we helped the first municipal organization provide the first official statement that they comply with the BIO in design and existence. We have also embarked on a new adventure by diving into the development of an IT Service Management solution that really distinguishes itself from other products because security is embedded in the solution. Big names such as SSH and KPN have linked their products to the solution, because they also consider it important to have security of paramount importance.

We are happy with these developments, but remain focused on the requirements and wishes of our customers. For this we need continuous input and we strengthen our team with 'continuous learning' so that we can continue to provide our customers with sound advice based on knowledge and skills. We look forward with confidence to the next five years with new challenges, developments, small and large successes and, above all, a close-knit and strong team that is passionate about their profession and, above all, works with dedication and pleasure on their assignments.

Cyber4Z is pleased to announce our new colleague: Yu-Mei Liebregt!

Cyber4z is again delighted to introduce a new colleague. Yu-Mei came into contact with cybersecurity during her studies and started her career at Cyber4Z. We would like to welcome her to the team! She introduces herself below.

My name is Yu-Mei Liebregt. I recently graduated from Integrale Veiligheidskunde. During my study I learned more about cybersecurity and cybercrime. In Utrecht I followed the minor Privacy and Information Security, which increased my interest in cybersecurity. For my thesis I made a business continuity plan, after which I came into contact with Cyber4Z. Cyber4Z offers a nice combination between the policy / ISO part and the technical side, which interests me enormously. I am really looking forward to getting started and learning a lot!

Cyber4Z is pleased to announce our new colleague: Don Mulders!

Cyber4z is once again delighted to introduce a new colleague. Don has experience as a software engineer, pentester and security analyst and will use this great skillset for our customers. Welcome to the team! He introduces himself below.

My name is Don Mulders and I have a background in IT and IT Security. Specifically, I have a bachelor's degree in Game Technology, after which I obtained a master's degree in Information Security Technology. In addition, I have many years of experience in various programming languages. I like to think out-of-the-box and bridge the gap between technology and people. Cyber4Z offers me a wide range of opportunities, both to use my technical background and to further develop myself in the policy side of information security. In my spare time I play all kinds of games; drill games, Pathfinder, and also online games.

Cyber4Z is working together with the Dutch Cyber Weerbaarheids Center on the development of a threat intelligence platform

Cyber4Z is a partner of the Dutch Cyber Weerbaarheids Center Brainport (CWB). Cyber4Z has set up a Malware Information Sharing Platform (MISP) together with the CWB. Through this platform, the participants of the CWB, mostly companies in the high-tech and manufacturing industry, receive so-called events from the National Cyber Security Center. This actively informs participants about possible vulnerabilities and threats. Participants submit their IP addresses and a list of used hardware and software to the NCSC and these participants now receive current and relevant information. This news has now been picked up by various media. Cyber4Z is proud that they have been able to set up this service for the CWB and the many participants!

Click here to visit the website of the CWB and click here to read the article of Computable.

Cyber4Z is pleased to announce our new colleague: Martijn Claes!

Cyber4Z is pleased to introduce a new colleague: Martijn Claes will start at the end of August and will focus on the technical aspects within cyber security and penetration testing. Welcome to the team, Martijn! Below he introduces himself.

While obtaining my Master of Electronics and ICT engineering I discovered the cybersecurity domain. I've been working in IT for 5 years with a specialization in security - more specifically infrastructure security. Coming from a pentesting background, I've successfully managed and conducted security penetration tests and provided clear advice and support to clients on how to apply fixes. My biggest satisfaction is helping organizations to find the weaknesses which makes them vulnerable and offer the best recommendations on how to fix them

Cyber4Z welcomes our new colleague Brandon!

Cyber4Z is pleased to announce that as of July 1, our new colleague Brandon will be part of our team! He will focus on software development. Below he introduces himself.

My name is Brandon Kleijnen and I completed my HBO ICT studies last year with a specialization in Software Development. During my HBO studies I worked for a number of years at a computer service provider. I am at the start of my career and want to gain as much knowledge as possible. Working for clients and on solutions is important to me and I would like to contribute this at Cyber4Z. The moment I help people with their issues and answer them successfully, are the moments when I am really happy.

Interview with Arissa d'Fonseca - Security Consultant at Cyber4Z

Arissa has been working at Cyber4Z since 1 October 2019, combining learning and working. We were curious about her experiences and tips as a starting security consultant.

What do you do at Cyber4Z?

I am currently employed at a large customer as a Risk Manager, where I mainly deal with managing the risk register. I have monthly meetings with multiple Risk Managers to discuss progress and I report on this. In addition, I do application intakes where we gain more insight in the risks when using these applications and which information is on which system.

Then you speak a lot of people!

Yes, I am amazed at how many colleagues there are and how many different people are employed. I think that is very important and I feel better with the atmosphere of a large company.

What do you enjoy the most about your job?

I really enjoy working with colleagues and people. I am good at leveling with everyone, so the conversation is always pleasant.

Is there anything about working as a consultant that you expected in advance but turns out to be very different?

It may sound very strange but when I am honest, I expected that in the first year I would get less confidence, but I actually get a lot of freedom and trust to be able to do my work and that helps enormously.

What is your best tip for people who study now for work later?

I would say complete your first year, get your foundation degree and start applying at jobs. When you start your study, it is very important to gain experience in the field. Learn about the field, because school is a completely different area.

Do you have any tips for universities on how they offer classes?

The fact that a study program should initially focus the field of work. For example, I see 5 courses that all revolve around the same thing, but just a different description. I would go more into specific topics and the different aspects and possibilities. The current courses are too generic. We train too many globalists. If you do something with the work field, you immediately have more aspects of it.

Article: what is ransomware and how does it work?

What is ransomware?

Ransomware, also known as hostage software, is a type of malware that encrypts data, but also systems and an entire network, where the victim has to pay money to regain access. This is usually done by criminal organizations to make money. Ransomware has grown considerably in popularity among malicious parties in recent years. For example, the number of ransomware attacks registered with leading insurance company Chubb has risen on average by 12% a year in recent years compared to the previous year, with the number of attacks in 2019 increasing by as much as 18%. One of the best-known ransomware is WannaCry, affecting various organizations internationally.

Methods

There are several ways in which a ransomware can infect a computer or network. The most common way is through spam: emails sent to trick the recipient into clicking a link or opening a file. Another way is by visiting infected websites, where visitors automatically download malware. This can be websites that are specially designed to distribute ransomware, but also websites that are themselves infected without knowing this.

Recommendation

When your organization is dealing with ransomware, it is always recommended that you do not pay any money to unlock your files, systems and networks. The reason for this is that the malicious person will come back to you more often and moreover this person cannot be trusted, so there is no guarantee that your files will be released. Cyber4Z supports you and your organization in helping to prevent ransomware attacks. We use proven technologies and organizational measures to better prepare your organization for possible ransomware attacks. Feel free to contact us for more information, we are happy to assist you!

Cyber4Z and Cyber4Z-GCC successful in the Gulf region during the Cyber Security Conference in Kuwait City

Cyber4Z-GCC had a successful presence during the 2nd Cyber Security Conference in Kuwait City. Prof. Dr. Safaa Zaman, Full professor of the University of Kuwait and General Manager of Cyber4Z-GCC organised this second event with support of his Highness, the Prime Minister Sheikh Jaber Almubarak Alhamad Alsabah. Rob Mellegers was invited to present about risks from open sources. He had assessed 4 companies in Kuwait from open sources without performing a scan or penetration test. The results have been presented and discussed afterwards. Thanks to the solution of Cyber4Z partner SecurityScoreCard, we were able to find many interesting results. The solution is used for Third Party Management. Some Dutch based products have been presented as well, like the Ubikey. An invention from NXP to handle authentication without passwords.

.

Cyber4Z will support the Cyber Resilience Center Brainport by performing security health checks for a part of the joined organizations

Cyber Resilience Center Brainport is the first in the Netherlands in having a Cyber Resilience Center to help companies within the knowledge-intensive industry with resilience against digital espionage and sabotage. This makes the high-tech region the leader in the Netherlands that -in addition to the vital sectors as designated by the Dutch government (such as health care, energy, harbor, etc.)- is making serious work out of cyber resilience.

For more information about CWC Brainport, visit LinkedIn or the website of Brainport.

Cyber4z welcomes two new colleagues: Arissa en Burak!

Cyber4Z is pleased to announce two new colleagues to our team as of the 1st of October. They introduce themselves below. Welcome Arissa and Burak and lots of success and fun!

My name is Arissa D’Fonseca and I am currently in the 3rd year of HBO ICT and I specialize in Cyber Security. I am very curious about the field of the Cyber Security industry. Cyber4Z gives me the opportunity to combine studying, working and gaining experience. There is a lot that I want to learn and I expect to gradually expand my knowledge and expertise and ultimately apply this carefully to Cyber4Z and its customers.

My name is Burak Agyel and I have a background in both IT and information security. I have always combined working and learning and therefore successfully gained work experience as an administrator during my MBO ICT management and HBO ICT Management & Security. I have worked as a security consultant with various clients in recent years and will serving clients at Cyber4Z, with a focus on technical / IT security.

Cyber4z positively assessed on ISO 27001 and 9001 surveillance audit

Cyber4Z has been certified against ISO27001 and ISO9001 for a number of years now. Certification is a way to formally prove that we handle confidential information responsibly, since we have set up an information security management system in a structured manner. In the first three years we are tested annually by means of a surveillance audit. If there have been changes in the management system, it will be independently assessed whether we have organized these changes in a responsible manner. Because we help our customers with various certification processes, we believe that we ourselves must also comply with the security guidelines from both ISO standards. That is why we are pleased that DEKRA has acknowledged again that we can continue to maintain our certificate. Compliments for the entire team who took responsibility for the activities in a continuous improvement process and that we are able to manage our management system and the associated measures, and thus managing the risks adequately!

Strategic partnership between Foreach-IT & Cyber4Z

Cyber4Z is very pleased to announce that Foreach-IT and Cyber4Z have signed a contract for a strategic partnership. We will be able to deliver security software in addition to consultancy. The focus of this software is on risk and compliance, in particular technical compliance in accordance with the BIO (Baseline Information Security for the Government), which is derived from ISO 27001:2017 and ISO 27002:2017. In addition, access mechanisms are incorporated into the software, in partnership with SSH, so that administrators have controlled access to the systems they manage, based on the keywords manageability, controllability and irrefutability.

Nice collaboration between Brunel and Cyber4Z!

Brunel organizes the exclusive 'Meet & Inspire event: Ethical Hacking' on Thursday 6 June 19 at Van der Valk Hotel Brussels Airport for cyber security and information security professionals. From Cyber4Z, Rob Mellegers and Raf Martino will share their expertise with ethical hacking that evening. Do you want to be attend this event? Register now via EventsBE@brunel.net. Be quick, because the places are limited. .

Frank van Hooft, our new colleague in the role of Senior Security Consultant

My name is Frank van Hooft, on March 1st I will join Cyber4Z as Senior Security Consultant. With a background in process and project management, I started with information security twelve years ago. The width and depth of information security has grabbed me. The multitude of topics such as risks and mitigating measures, the difficult communication between "the business" and "IT" are some examples of the world in which I feel at home. I get my energy by supporting "business" in this.

I live in Almkerk, together with my wife and son of 22. My hobbies are music, reading, exploring Scotland and going out on my motorbike.

Cyber4Z is wishing you a succesfull 2019!