Cyber4Z in short

Cyber4Z started in 2015 with two specialists experienced in the cybersecurity domain. We now have a team with various capabilities in the field of strategic and tactical design of cyber security, IT, Privacy and Blockchain technology.

In addition, we are involved in technical and tactical implementations of complex security challenges that focus on the acceptance of new technologies in a pragmatic way. With our expertise and experience, we can guarantee the business objectives of our clients. These are widely determined by laws and regulations, customer requirements and rules of compliance.

  • Predict

  • Prevent

  • Detect

  • Respond

  • Remediate

Who are we?

Our team consists of certified professionals. Quality is our top priority. The technical and tactical implementations we deliver from the strategic design can be externally certified against the ISO9001, ISO27001, NEN7510 or other standards. Therewith we can have our quality tested externally as well. In addition, we provide operational knowledge when it comes to technical security assessments such as penetration tests, project management, SOC / SIEM propositions with connecting services such as log management, vulnerability and compliance management, patch management, training in the field of privacy, security and blockchain technology.

More about Cyber4Z

Our clients

Monthly Cybernote: May 2022

What's the use of a IT contract in the event of a ransomware attack?

Ransomware is one of the biggest cyber threats that organizations face today. Cyberc​riminals who commit ransomware attacks are usually after money and not the data that they encrypt in their attack. That is why smaller companies are usually victims of ransomware: their technical security is often less well organized and they have no backup plan.

Make good agreements with your IT supplier

It will come as no surprise that the GP in a health center is not particularly technically skilled. The GP or health center will have outsourced the IT aspects of the practice to an IT supplier. But what is the position of the GP in a ransomware attack? “Small companies often rely largely on their IT supplier for the technical support of their business operations,” says Rosalie Brand, attorney in Privacy Law at Kennedy Van der Laan. “Because they do not have the technical knowledge in-house, it is very important that when entering into the contract with their IT supplier they make clear agreements about the level of security and the support that they will receive from the IT supplier when there is a problem or something unexpectedly goes wrong.” By making these agreements, organizations avoid problems with their IT suppliers just when they need their help most.

Which agreements should be considered?

The agreements made with an IT supplier must go further than installing good firewalls and using antivirus software. For example: Think of keeping adequate backups and providing information for the reporting obligation to the privacy supervisor, the Dutch Data Protection Authority and the persons whose personal data has been affected by the attack. It is precisely these things that are necessary when a ransomware attack occurs. And that is precisely why these matters should not be forgotten when entering into an agreement with the IT supplier.

The CWB has previously written an article with the best practices regarding making agreements with your IT supplier, which you can find here.

Train your staff

Nothing is more humane than human error. And that is exactly what cybercriminals rely on: an unupdated computer or a click on a link that is not what it seems and the criminal is inside a system. Unfortunately, human errors can never be completely ruled out. That is why it is important, in addition to technical measures, to properly train personnel and to make them aware of the risks. This significantly reduces the chance of such weaknesses in your system and employee errors. “Do not limit yourself to the annual 10-minute online e-learning, but repeat the lessons regularly – preferably with practical examples that have taken place within your organization. Using real-life examples makes this topic more appealing to your employees,” says Brand.