Cybersecurity Insights
Current articles, analyses, and best practices on information security, IT security, and cyber threats from our experts.
Director Liability under §43 GmbHG and NIS-2: Why 'Cyber is IT's Job' Can Lead to Personal Bankruptcy in 2026
How §43 GmbHG, §93 AktG, and NIS-2 Art. 20 cement personal management liability for cyber security – and which evidence every director should have on the desk.
Cyber Insurance 2026: Why Insurers Increasingly Decline – And How to Prepare
Cyber policies are getting more expensive, narrower, and more demanding. Which technical minimums insurers expect in 2026 – and how to prove them cleanly.
Hospitals & Critical Infrastructure: B3S, NIS-2 Extension, and Smart Use of KHZG Funds
German hospitals face combined pressure in 2026: B3S obligation, NIS-2 extension to all hospitals, ePA connection, ransomware wave. How to prioritize KHZG funds wisely.
NIS-2 Ready: Health Monitoring, Audit Log, and Alert Rules in the Mail Security Platform
Which operational building blocks a mail security platform must ship to technically meet the NIS-2 requirements on detection, reporting, and response.
Wazuh SIEM, OpenBao Vault, and Coraza WAF: The Defensive Stack in SecTepe.Comm
How Wazuh as SIEM, OpenBao as secrets vault, and Coraza as WAF together form a full defense-in-depth stack – self-hosted and auditable.
Identity & Access Management with Keycloak and an AD Connector
How a central Keycloak identity provider with OIDC, SAML, MFA, and an AD connector unifies hybrid environments into real single sign-on – without vendor lock-in.
DORA for SaaS Providers and Bank Suppliers: What 'Critical ICT Third-Party Providers' Must Deliver in 2026
DORA doesn't only apply to banks – any SaaS provider, IT service provider, or FinTech with financial customers gets pulled in. What 'critical ICT third-party providers' must deliver technically and contractually.
Matrix and Jitsi: End-to-End Encrypted Team Communication Without a Cloud Gateway
How Matrix/Synapse with the Element client and Jitsi Meet together replace the Slack/Teams/Zoom stack – federated or isolated, with real end-to-end encryption.
Four-Eyes Principle and Forensic Archive: Two Building Blocks Almost Every Audit Asks About
How a four-eyes approval workflow for mail releases and a WORM-capable forensic archive proactively cover typical findings from ISO 27001 and NIS-2 audits.
M&A Cyber Due Diligence: What Buyers Probe in 4 Weeks – And Where Deals Break
Cyber due diligence is a workstream of its own in 2026 M&A processes. Which findings depress purchase price or kill deals – and which platform evidence builds trust quickly.
German Mid-Market Machinery: NIS-2 Extension, IEC 62443, and Industrial Espionage Risk
The German machinery mid-market faces double pressure in 2026: the NIS-2 extension hits many unexpectedly, while industrial espionage grows. How to tackle OT security and IEC 62443 in a structured way.
n8n + Bus Gateway: Event-Driven Automation as the Glue of the SecTepe.Comm Platform
How n8n as workflow engine plus a custom bus gateway turn the platform building blocks into real end-to-end workflows – without Zapier dependency.
Outbound DLP: Effectively Preventing Data Loss in Email
How a modern mail security gateway detects PII, credit card numbers, IBANs, and API keys in outbound emails – and how a four-eyes release reduces the error rate.
Ransomware Crisis Communication: The 72-Hour Plan for Management
What management must do communication-wise in the first 72 hours after a ransomware incident – GDPR notification, NIS-2 early warning, employees, customers, media. A realistic playbook.
Multi-Domain Mail Security: One Gateway, Many Domains
How a central mail security gateway protects multiple domains in parallel – with individual policies, separate quarantines, and automated Mailcow provisioning.
Law Firms, Tax Advisors, Audit Practices: Client Confidentiality, BORA/StBerG and Cyber Security 2026
German professional confidentiality holders are personally liable for breaches – including via cyber incidents. Which minimums BORA, StBerG, and WPO demand in 2026.
Automated Malware Analysis with the CAPE Sandbox
How the CAPE sandbox integrated into SecTepe.Comm detonates suspicious attachments in Linux and Windows guests, extracts IOCs, and defeats evasion techniques.
LLM-Based Phishing Classification: BEC Detection With a Local LLM in the Mail Pipeline
How a local LLM (Ollama) catches phishing and business-email-compromise messages that survive classical filters – GDPR-compliant and without a cloud API.
CTI Integrated: MISP, OpenCTI, YARA, and a Self-Hosted Ransomware Intel Service
How an integrated threat intelligence stack made of MISP, OpenCTI, YARA, and a self-hosted ransomware actor feed plugs directly into mail, sandbox, and SIEM pipelines.
GRC TCO and ROI: In-House Platform vs. Vanta/Drata Over 3 Years
An honest 3-year calculation: license costs, internal effort, migration risk, and exit costs of SaaS GRC vs. an EU-native in-house platform.
Cyber Risk Board Reporting: What Management Really Needs to Know
What effective cyber risk reporting to management and the supervisory board looks like – KPIs that drive decisions, not number walls that distract from them.
Digital Sovereignty: Why Self-Hosted Cyber Security Is a Strategy Again in 2026
Cloud Act, Schrems II, NIS-2, SaaS cost explosion: why more and more mid-market businesses are pulling their security stacks back to the EU – and into their own house – in 2026.
SecTepe.Comm: The Sovereign Cyber Security Platform for Mid-Market Businesses
What SecTepe.Comm is, which building blocks the platform integrates, and why self-hosted cyber security increasingly pays off in regulated mid-market environments.
IVDB Integration for German Statutory Health Insurance: B3S-Compliant ISMS Without CSV Pain
How direct IVDB integration (CSV import + future API) dramatically accelerates the build of a B3S-compliant ISMS for German health insurers – including conflict detection and progress display.
Asset Management With Lifecycle Tracking: The Foundation of Every ISMS
Why an ISMS without a clean asset inventory is worthless – and how SecTepe.Core integrates asset lifecycle, protection-need analysis, and ownership.
Review Cycle Management: Automated ISMS Reviews for Policies, Controls, and Assets
How automated review cycle management with frequency-based scheduling, multi-channel reminders, and escalation makes ISMS maintenance effort calculable.
Risk Management in the ISMS: Assessment, Treatment, Residual Risk – Without Excel Hell
How an integrated risk management discipline brings risk assessment, treatment decision, and residual risk acceptance together in an auditable way – with the human judgment it needs.
AI-Supported Compliance: Policy Generation, RAG Audit Assistant, and STRIDE Threat Modelling
Where AI really delivers value in compliance and ISMS workflows – policy generation, retrieval-augmented audit assistant, STRIDE threat modelling – and where it doesn't.
Supplier & Vendor Portal: Structured Third-Party Risk Management
How an integrated supplier portal with self-service questionnaires, evidence collection, and risk score drastically reduces supplier onboarding effort.
White-Label Trust Center: A Compliance Portal Under Your Own Domain
How a white-label trust center under your own domain makes compliance evidence, status pages, and certificates publicly available – as proof of trust for customers, partners, and auditors.
Framework Change Management: Detect Standard Updates Automatically and Reassess
How a GRC platform proactively detects updates to ISO 27001, NIS-2, BSI IT-Grundschutz, analyzes the impact, and coordinates reassessments – instead of manual newsletter shifts.
eIDAS-Compliant Digital Signatures with PGP/GPG Integration
How eIDAS-compliant digital signatures combined with PGP/GPG replace the classical print-sign-scan workflow – including audit trail and long-term validation.
ISO 27001 Certification in 6 Phases: The Structured Roadmap with a Wizard
How a structured 6-phase roadmap with phase gating, templates, and a wizard turns the typical 18 months of ISO 27001 certification into a predictable process.
Audit Preparation in 4 Weeks Instead of 4 Months: The Management Playbook
How ISO 27001 or NIS-2 audit preparation succeeds in 4 weeks instead of 4 months – when ISMS data comes from one platform instead of Excel forests.
DORA + NIS-2 + ISO 27001: How a CISO Manages Three Mandates Without Burnout
Three regulatory mandates in parallel, one CISO with two hands. How a multi-framework platform eliminates duplicate work and prevents CISO burnout.
Multi-Framework Compliance: ISO 27001, NIS-2, and BSI IT-Grundschutz From One Platform
How an integrated GRC platform maintains multiple frameworks in parallel, computes cross-mappings automatically, and avoids duplicate work in assessments.
SecTepe.Core: The EU-Native GRC Platform for Compliance, Risk, and ISMS
What SecTepe.Core is, which frameworks the platform covers, and why an EU-native GRC solution becomes the strategic answer to Vanta, Drata & co. in 2026.
Understanding the Importance of Cybersecurity Training
Why regular employee training is the key to IT security and how organizations can build an effective awareness program.
Benefits of an External Information Security Officer
Learn why an external ISO is the better choice for many organizations and the advantages of outsourcing this critical role.
Cyber Security: Effective Measures for Better Information Security
A comprehensive overview of the key measures organizations should implement to significantly improve their information security.
10 Common Penetration Testing Mistakes and How to Avoid Them
Avoid the most common pitfalls in planning and executing penetration tests and maximize your security improvements.
AI: Blessing or Curse for IT Security?
Artificial intelligence is revolutionizing cybersecurity – both as a tool for defenders and attackers. An analysis of opportunities and risks.
Phishing Threat in Microsoft Teams: Active Exploitation of a Vulnerability
A critical vulnerability in Microsoft Teams is being actively exploited for phishing attacks. Learn how to protect your organization.
ISO 27001: The Guide to Information Security
Everything you need to know about ISO 27001 certification – from the basics to successful ISMS implementation.
Penetration Test Reveals: How Secure Is Your WordPress Website Really?
WordPress powers over 40% of all websites. Learn what vulnerabilities are commonly found during penetration tests and how to protect yourself.
Social Engineering: The Psychological Dimension of Cyber Threats
How attackers exploit human psychology and what strategies organizations can deploy against social engineering attacks.
NIS2-Compliant Cybersecurity Solutions
The NIS2 directive sets new cybersecurity requirements. Learn what is coming for your organization and how to prepare.
The Information Security Management System (ISMS)
An ISMS forms the foundation of every successful information security strategy. Learn how to effectively build and operate an ISMS.
Incident Response: A Deep Dive into the Heart of Cyber Security
What happens when an incident occurs? A comprehensive guide to building and optimizing your incident response process.
ITundTECH Podcast: ISMS and Cybersecurity with Florian Bieselt
Florian Bieselt discusses ISMS, motives behind cyberattacks, and practical paths to greater corporate security on the ITundTECH Podcast.
Deepfake Detection Made Easy: How to Spot Manipulations
The tongue as a surprising detection feature: why realistic tongue movements remain a real challenge for deepfake algorithms.
Cybersecurity Is a CEO Matter – The Insider
David Eckel discusses a case on the Nico Werner Podcast where a supposedly external hacker attack turned out to have an internal cause.
SOCaaS – SOC as a Service: Security Operations Center as a Service
SOCaaS brings organizations round-the-clock expert knowledge and modern technology for proactive cybersecurity monitoring – without running their own SOC.
IT Security Check: Guide to DIN SPEC 27076
The IT security check according to DIN SPEC 27076 offers a structured framework for evaluating security measures and identifying vulnerabilities.
An Overview of Cyber Security as a Service (CSaaS)
CSaaS is an outsourcing model for cybersecurity that provides organizations with access to expert knowledge and advanced technology for comprehensive protection.
Maximum Cybersecurity: Phishing Simulations and Red Team Tests
Phishing simulations and red team tests together form a robust cybersecurity strategy that uncovers both technical and human vulnerabilities.
Security Awareness: Protection in the Digital Age
Security awareness is the understanding of security risks in IT – and a critical factor in protecting businesses from cyberattacks.
Community-Driven Cyber Security Awareness Training
SecTepe's community-driven awareness training continuously adapts to new threats and provides a solid foundation for security culture.
A Recap of the Kiwiko Partner Meeting 2024 in Weimar
Two days filled with inspiring conversations, workshops on digital transformation, and intensive networking in the heart of Weimar.
Cybersecurity Training: Free on YouTube
SecTepe and Colossyan offer free ISMS and cybersecurity training on YouTube – in German and English, ideal for beginners and advanced learners.
Pros and Cons of an External CISO: A Guide
External CISOs offer cost savings and objectivity, while internal CISOs provide deeper company knowledge and long-term perspective.
Cybersecurity Consulting: A Partner in the Digital Era
Professional cybersecurity consulting protects your business and strengthens digital resilience through risk management, compliance, and awareness.
AI and Big Data: Data Protection Strategies
How AI and big data impact data protection and which strategies are decisive for IT security and privacy in the digital era.
AI-Generated Videos: The Future of Information Security
AI-generated videos revolutionize information security through increased efficiency, personalization, and realistic training content.
DFIR: Digital Forensics and Incident Response
DFIR combines digital forensics and incident response into an indispensable component of modern cybersecurity strategies against cyberattacks.
Endpoint Detection and Response – SecTepe & CrowdStrike
EDR is an essential component of modern cybersecurity strategies for early detection and response to threats in networked systems.
Recognition: Our Team in the BSI CVD Hall of Fame
Our team has been added to the Hall of Fame of the BSI's Coordinated Vulnerability Disclosure – a recognition of our commitment to cybersecurity.
7 Anti-Phishing Tips for Consumers
Protect yourself from phishing and ransomware with seven practical tips – from sender verification to two-factor authentication.
Responsible Disclosure: The BSI's CVD Guideline
The BSI's CVD guideline provides a structured process for coordinated vulnerability disclosure and protects end users through collaboration.
6 Steps for an Effective ISMS Awareness Program
A strong information security awareness program significantly improves organizational security through employee training and risk awareness.
Qakbot: The Largest Botnet Has Reached Its End!
FBI and Europol neutralize the Qakbot botnet in Operation Duck Hunt, freeing 700,000 computers and preventing $58 million in damages.
Cyber Security in Germany 2023: A Look into the Digital Future
Germany battles rising cybercrime with damages of over 200 billion euros annually – protective measures are essential.
The NIS 2 Directive: What You Need to Know
The NIS 2 directive raises cyber security requirements across the EU and affects critical infrastructure as well as digital service providers.
Welcome to the SecTepe Blog
Welcome to the SecTepe Blog for cyber security, information security, and forensics – with practical tips and expert insights.