socwise blog

27/09/2023

Use of threat reports in information security risk assessments

Tamás Tóth –

In this article, I would like to summarise how to replace the often run-of-the-mill, template-based risk assessments that are often produced on the fly due to compliance pressure on organisations, with real value-added assessments that consider real threats. This article is not intended to provide a detailed description of risk management methodologies and processes. Risk […]

13/06/2023

The relationship of ChatGPT and GDPR

Hüvelyes Péter –

The concept of artificial intelligence (AI) is not new; originally appearing in science fiction novels, AI has been in development for decades, with the first working chatting bot appearing as early as 1966. The reason why we hear it all the time now, is that with ChatGPT it is the first time that anyone can […]

02/05/2023

PCI-DSS: Protecting your card data

Szalárdi Tamás –

Historical background The rise of digital banking and credit card transactions has opened up an innovative, forward-looking, but also dangerous dimension that has quickly become an integral part of our everyday lives, both for its convenience and practicality. Today, it is almost impossible to imagine life without online shopping, PayPass, ATM cash withdrawals, but at […]

20/04/2023

Movies to reality: the pros and cons of ChatGPT

Polyák Beatrix –

Now that ChatGPT, an artificial intelligence chatbot, is on tap, the sci-fi scenes of self-aware intelligent machines gleefully murdering the protagonist's family and friends, or trying to destroy and enslave all of humanity in a variety of ways, are bound to come to mind. This may be one of the reasons why people are sceptical […]

06/04/2023

Risk Assessment in Operational Technology – The most common risks and how to avoid them

Hüvelyes Péter –

First used in 2006 by Gartner, the term ‘operational technology’, or OT for short, is meant to talk about hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes, and events. As OT is closely associated with critical infrastructures such as utility control systems, cybersecurity […]

13/03/2023

All you need to know about TISAX

Hüvelyes Péter –

The background to the creation of TISAX The way businesses operate has been radically transformed in recent decades, with a huge increase in their dependence on IT. It is now unimaginable that a company does not use IT systems in almost any aspect of its operations. Its technical support requires an ever-increasing IT capacity, an […]

14/02/2023

Digital Operational Resilience Act (DORA)

Hüvelyes Péter –

Brief Background The digitisation of the financial sector and paralelly its exposure is ever increasing. To date, different financial supervisors across the EU have addressed ICT risks in different ways and with different levels of effectiveness. EU Regulation 2022/2554 on digital operational resilience for the financial sector, officially known as the Digital Operational Resilience Act […]

11/02/2023

Steps for NIS 2 compliance

Tamás Tóth –

Following our previous articles on the NIS 2 Directive (hereafter: directive), in the next part of article series we will give you some practical advice on how to prepare for compliance. As you know, the deadline for transposition of the Directive into national law is October 2024, but there is no news yet on which […]

17/01/2023

The NIS2 Directive has been published. What’s next?

Tamás Tóth –

On 27th of December 2022, the Commission of the European Union published the NIS2 Directive (furthermore: Directive), which will enter into force on 16th of January 2023, and Member States have to transpose the provisions into their national legislation until 17th of October 2024. In this article, I will summarize what is new in the […]

1 2 3 4 NEXT