Avatar photo
Sebastiaan Bakker

A well thought out security policy

Both the complexity of the digital threat landscape and the potential impact of the threats are increasing all the time. The Kaseya supply chain attack is a good example of how sophisticated attacks nowadays are. It underlines the importance of a integrated and well thought out security policy, where we collaborate, share knowledge and are critical about both the internal and external organization.

An important part of a security policy, in addition to using best practices and standards, is not to blindly trust your suppliers, even if they are reputable. It is important to ask questions, request documents and assess the risks with all of the suppliers, large and small. Het is onderdeel van onze cultuur, verweven in ons DNA en een belangrijk onderdeel van onze dienstverlening.

A good example are the recent PrintNightmare vulnerabilities we informed you about. Over the weekend, immediately after the announcement, we performed a technical analysis on the vulnerability in order to gain insight into the risk, the impact for our customers and the attack vectors. Based on the technical analysis, we determined the next steps. This structured approach is a permanent part of our way of working and culture: always perform an analysis first, involve all relevant stakeholders and only then determine the next steps. This way, we can make sure we have a well-considered approach to the vulnerabilities and possible risks, whereby the confidentiality of your data is key.

Of course, this is not only up to us, but it is a joint effort. We can learn from each other, join forces and discuss how we can work together on this. Security, privacy and compliance is a broader issue, which we are already discussing with various business partners and would also like to discuss with you. We do not have a monopoly on wisdom and would also like to hear your insights in order to develop an integrated security policy.

A well thought out security policy

Both the complexity of the digital threat landscape and the potential impact of the threats are increasing all the time. The Kaseya supply chain attack is a good example of how sophisticated attacks nowadays are. It underlines the importance of a integrated and well thought out security policy, where we collaborate, share knowledge and are critical about both the internal and external organization.

An important part of a security policy, in addition to using best practices and standards, is not to blindly trust your suppliers, even if they are reputable. It is important to ask questions, request documents and assess the risks with all of the suppliers, large and small. Het is onderdeel van onze cultuur, verweven in ons DNA en een belangrijk onderdeel van onze dienstverlening.

A good example are the recent PrintNightmare vulnerabilities we informed you about. Over the weekend, immediately after the announcement, we performed a technical analysis on the vulnerability in order to gain insight into the risk, the impact for our customers and the attack vectors. Based on the technical analysis, we determined the next steps. This structured approach is a permanent part of our way of working and culture: always perform an analysis first, involve all relevant stakeholders and only then determine the next steps. This way, we can make sure we have a well-considered approach to the vulnerabilities and possible risks, whereby the confidentiality of your data is key.

Of course, this is not only up to us, but it is a joint effort. We can learn from each other, join forces and discuss how we can work together on this. Security, privacy and compliance is a broader issue, which we are already discussing with various business partners and would also like to discuss with you. We do not have a monopoly on wisdom and would also like to hear your insights in order to develop an integrated security policy.

Avatar photo
Sebastiaan Bakker
Previous post
News overview
Next post
News overview
Previous post
Next post
Sign up for our newsletter

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Back To Top