top of page
Prepare for DORA Part 7: Long-Term Strategy – How to Build Continuous Resilience
The first six parts of our DORA blog series focused on interpreting regulatory expectations, implementing controls, and managing...
Apr 34 min read
Prepare for DORA Part 6 – Compliance & Security Best Practices for Cloud & SaaS Service Providers
As cloud and SaaS adoption continues to accelerate, they have become critical dependencies in the ICT supply chain of financial...
Mar 277 min read
Prepare for DORA Part 5 – Governance & Risk Management
With DORA now in effect, financial institutions face stricter governance and risk management requirements.
Mar 196 min read
Prepare for DORA Part 4 – Cyber Resilience Testing & Operational Preparedness
Financial institutions must go beyond basic cybersecurity measures and actively test their resilience against cyber attacks to meet DORA.
Mar 124 min read
Prepare for DORA Part 3 – Incident Reporting & Response Under DORA: What’s Changing?
With DORA now in effect, financial institutions across the EU face strict new requirements for cybersecurity incident reporting and response
Mar 44 min read
Prepare for DORA Part 2 – Contracting with ICT Service Providers for DORA Compliance
With DORA now in effect , financial institutions across the EU are strengthening their cyber resilience and third-party risk management...
Feb 264 min read
Prepare for DORA Part 1 – Should Swiss Financial Institutions Prepare for DORA?
The Digital Operational Resilience Act (DORA) officially came into effect on January 17, 2025 , setting a new standard for cyber...
Feb 194 min read
CISA Breach, Security Software and Proactive Attack Surface Management
In an era where cyber threats loom larger each day, the recent cyberattack on the Cybersecurity and Infrastructure Security Agency (CISA)...
Mar 21, 20242 min read
Navigating Cybersecurity in Mergers and Acquisitions: A Holistic Approach
Mergers and acquisitions (M&As) are pivotal to the growth strategies of numerous companies, serving as a linchpin for maintaining a...
Mar 8, 20242 min read
Why Can't We Get MFA Right? Lessons from Recent SEC and Microsoft Incidents
Ever caught yourself shaking your head at the latest security breach headline, wondering why Multi-Factor Authentication (MFA) wasn't the...
Feb 7, 20242 min read
Google Flights vs. Google Ad: The Battle of Ad Squatting Attacks
In an age where digital advertising is paramount, Google Ad Squatting emerges as a sophisticated cyber threat. It's a practice where...
Jan 23, 20242 min read
The Hidden Risks in Security Software: Lessons from the Boeing Ransomware Attack
The recent in-depth case study by CISA on the ransomware attack on Boeing by LockBit 3.0 in late 2023 brings to light a critical yet...
Jan 16, 20242 min read
Enhancing Industrial Control System Security: Insights from CISA's Latest Advisories
The Cybersecurity and Infrastructure Security Agency (CISA) issued critical advisories on December 12 and 7, 2023, spotlighting...
Dec 12, 20232 min read
Strengthening Supply Chain Defenses Against Ransomware: Insights from Xplain and Concevis Incidents
The ransomware attacks on Xplain and Concevis, two Swiss IT service providers, represent critical case studies in understanding the...
Nov 27, 20232 min read
Harnessing C2SEC's XSPM to Empower Gartner's CTEM Framework
In the complex and ever-changing landscape of cybersecurity, Gartner's Continuous Threat Exposure Management (CTEM) framework, introduced...
Nov 21, 20234 min read
Navigating the Shift Away from Third-Party Cookies with C2SEC XSPM
In a significant development for digital privacy, Google's recent announcement about phasing out third-party cookies in Chrome heralds a...
Nov 14, 20232 min read
Introducing XSPM: Redefining the Paradigm in Attack Surface and Security Posture Management!
We are excited to unveil XSPM, our transformative Extended Security Posture Management SaaS platform. This innovation marks a pivotal...
Oct 4, 20232 min read
bottom of page