Cyber4Z in short

Cyber4Z started in 2015 with two specialists experienced in the cybersecurity domain. We now have a team with various capabilities in the field of strategic and tactical design of cyber security, IT, Privacy and Blockchain technology.

In addition, we are involved in technical and tactical implementations of complex security challenges that focus on the acceptance of new technologies in a pragmatic way. With our expertise and experience, we can guarantee the business objectives of our clients. These are widely determined by laws and regulations, customer requirements and rules of compliance.

  • Predict

  • Prevent

  • Detect

  • Respond

  • Remediate

Who are we?

Our team consists of certified professionals. Quality is our top priority. The technical and tactical implementations we deliver from the strategic design can be externally certified against the ISO9001, ISO27001, NEN7510 or other standards. Therewith we can have our quality tested externally as well. In addition, we provide operational knowledge when it comes to technical security assessments such as penetration tests, project management, SOC / SIEM propositions with connecting services such as log management, vulnerability and compliance management, patch management, training in the field of privacy, security and blockchain technology.

More about Cyber4Z

Our clients


Monthly Cybernote: December 2023


Dutch Data Protection Authority advocates for passphrases as passwords

When creating a password, users should choose a passphrase, according to the Dutch Data Protection Authority (AP). This is a multi-word password, ideally created using Diceware. The privacy regulator recently stated that standard password requirements often encourage bad passwords. The AP then advised to choose long, random passwords.

“The risk of a long and random password is that you quickly forget it. The human brain is simply made to work in patterns and structures, not to remember rows of letters and symbols," says AP technologist Jonathan Ellen. Instead of a standard password, it is better to choose a passphrase, or a password that consists of several words.

Diceware

To create a passphrase, the AP first recommends using Diceware. To help people choose random words for their passphrase, several systems have been devised. The best-known word list is Arnold Reinhold's Diceware list, which was published in 1995 and contains a total of 7776 words. This principle can be compared to rolling a dice several times. This results in a number that corresponds to a word on the dictionary, hence the name Diceware.

In this way, a passphrase can be composed completely arbitrarily from different words. “The biggest challenge is remembering the order. A good way to do this is to come up with a story in which the words appear in the correct order,” says Ellen about using Diceware. If it is too difficult to remember the random passwords, people can also use a phrase of their own making.

“A disadvantage of this method is that people compromise on arbitrariness. Precisely if the sentence is logical, this offers opportunities for a criminal to predict the sentence or include it in a list of 'passwords to try'. Well-known proverbs, expressions or song lyrics are therefore unsuitable,” warns the AP technologist.

Even with memorable passphrases, there is a chance that users will have to remember too many. For such scenarios, Ellen recommends using a password vault. The master password used to access the password vault should consist of an eight-word passphrase created via Diceware.