⚠ NCSC: Week 18: Parcel phishing with a devious twist – The "double phishing" scam 🔴 CVE: Critical vulnerabilities tracked — CVSS ≥ 9.0 📰 New article: The CISO Game in Chiasso: What a Simulated Cyber Crisis Teaches That No Presentation Ever Could ⚠ NCSC: Week 18: Parcel phishing with a devious twist – The "double phishing" scam 🔴 CVE: Critical vulnerabilities tracked — CVSS ≥ 9.0 📰 New article: The CISO Game in Chiasso: What a Simulated Cyber Crisis Teaches That No Presentation Ever Could
Best Practices 3 articles
All 27 Threat Intel 8 Regulation 5 Best Practices 3 Incident Report 4 Analysis 7
Best Practices3 May 202611 min read

Hardening Microsoft 365 for Swiss Organisations: A Practical Security Checklist

A practical M365 hardening checklist for Swiss organisations covering Conditional Access, Entra ID Secure Score, Exchange Online protection, audit logging, and data residency.

by Marco ScaritoRead article →
Best Practices7 April 202610 min read

Patching Is Not Enough: Building a Vulnerability Management Programme That Holds Up to FINMA and ISA Scrutiny

Three critical zero-days in five weeks — Cisco FMC, Fortinet EMS twice — expose a common failure: organisations patch reactively but lack a structured vulnerability management programme. Here is what FINMA and the ISA now expect, and how to build it.

by Marco ScaritoRead article →
Best Practices30 March 202610 min read

Zero Trust Beyond the Buzzword: Why Microsegmentation Is the Control Swiss Enterprises Keep Skipping

Most Zero Trust implementations stop at identity, skipping microsegmentation — the control that limits damage once an attacker is inside.

by Marco ScaritoRead article →