itrust consulting is committed to protecting your privacy and ensuring the protection of your personal information. itrust consulting takes privacy seriously. In accordance with the GDPR we implemented a privacy policy in our company that follows all principals and requirements of the GDPR. We use your PII in the context of the overall management of our business activity, only:
to manage information (potentially including PII) according to contracts (consulting, audit, training, research…);
to learn from past experience in our projects for upcoming projects (knowledge management), or to train new staff;
to carry out contracts including invoicing and justification of work performed (e.g. with timesheets and progress reports);
to manage IT activities with the aim of information security (including service availability), and to detect and handle threats, vulnerabilities, risks, and incidents;
to manage employment contracts, to ensure workplace safety, and to manage application information;
to demonstrate consistency of our accounting system to tax authorities and interested parties;
to perform forensic analysis and propose effective reactions to security events, to detect frauds and vulnerabilities, to understand malware and malware producers, and to share this knowledge with other security experts fighting against cybercrime;
trace the validity of our reports and advice for justifying professionalism.
To apply your rights for access, correction, reporting misuse, or withdrawing consent, please send an email to dpo@itrust.lu.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
moove_gdpr_popup
_icl_visitor_lang_js
wpml_browser_redirect_tes
We use the following third party services:
Google Maps is used on the contact page of our website.
Google reCAPTCHA is used to protect our forms.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
Statistics
This website uses the following additional cookies from matomo.itrust.lu:
_pk_id.*
_pk_ses.*
Please enable Strictly Necessary Cookies first so that we can save your preferences!
On 27 October 2022 itrust consulting celebrated its 15th anniversary, in the beautiful Lalux auditorium in Leudelange.
The first part of the event was dedicated to a technical workshop, where the current research projects Eagle-1 and CyFORT were presented.
The second part was an academic symposium with five expert speakers: Mr Gauthier Crommelink from Ministère de l’Économie on the support of his Ministry for research and innovation in cybersecurity, Prof. Dr Peter Y.A. Ryan, full Professor at the University of Luxembourg on the need of verification in Securing Elections, Mr Alan Kuresevic, CEO of SES Techcom, on how they bring Quantum Key Distribution to Space.
In his birthday speech, Dr Carlo Harpes, Managing Director and founder of itrust consulting showed extracts of policies and procedures that itrust consulting has written in the last years for more than 20 customers, many of which have achieved a 27001 certification, thanks to documents and risk assessments by itrust consulting. He particularly thanked his R&D team for tailoring the risk assessment tool TRICK Service to specific requirements by ILR. At the end of his presentation, Dr Harpes announced the creation of a spin-off company to consolidate the research and development activities to enable a more autonomous and focused approach.
Finally, Dr Arash Atashpendar, the head of Research and Development at itrust consulting provided a presentation of the spin-off company, called “itrust Abstractions Lab”.
The academic symposium was enhanced by the young musical talents of the ‘JazzFellas’ and by the presentation of a painting of Martine Zehren for this anniversary. It was followed by a walking dinner fostering useful conversations.
We would like to thank all participants for contributing to the great atmosphere and for allowing us to share this moment with you!
As part of selected experts from industry and academia, Dr Carlo Harpes, Managing Director and founder of itrust consulting informed on new trends in Information Security, Cybersecurity and Supply Chain Attacks at the conference covering ‘digital logistics’, organized by the ‘Luxembourg Centre for Logistics and Supply Chain Management’ (LCL), together with ‘Cluster for Logistics Luxembourg’ (C4L) in the Luxembourg Chamber of Commerce, celebrating LCL’s 5-year anniversary.
Inspired by the reporter.lu 2021 review, I have adapted a quote by the investigative journalist Hans Leyendecker to my role as Chief Information Security Officer (CISO) in my New Year’s greeting: ‘A good CISO is an unsatisfied CISO. No one who is completely satisfied is capable of implementing security’.
This sentence has comforted many internal and external CISOs I have worked with in 2021: Guillaume, Ingo, Laura, Marc, Matthieu, Patrick, Yannick…
We often feel like a troublemaker when we point out procedures that are not followed, common security practices that are considered too complicated, good reflexes that have been abandoned due to lack of time. We confess our uncertainty about risk analysis or our pessimism if we survive without our advice being followed…
But we have all learned that to succeed, we need a positive spirit, openness to new technologies, autonomy, creativity, and above all an year for market changes. This is generally what CISOs do: they follow the latest recognized standards, try to convince, coach, implement artificial intelligence in network supervision…
But their role is also to find vulnerabilities, to set social engineering traps, to insist on good documentation avoid future errors and loss of know-how, to require traceability of decisions and acceptance of risks (without embellishment), thus ensuring sustainable decisions, instead of justifying preconceived ones. The CISO is thus the right ally for a CEO who is looking for the best decisions in the face of new challenges.
It is by disagreeing with an observed security that the CISO stimulates to find better. And his persistence avoids risks: services started without an adequate agreement on responsibility, too fast migration to the cloud creating dependency for a short-term advantage, open doors to cybercrime, resignation in the face of internal negligence. It avoids downtime or costly replacements or fixes.
Fortunately, it is not only CISOs who are holding back. A courageous CEO recently confessed to me that he often finds himself in the position of putting the brakes on projects in which the customer’s view, financial feasibility, security, legal compliance, etc. have been neglected. Enthusiasm does not guarantee success.
For sustainable projects, managers cannot escape from working with CISOs and taking care of security and data protection themselves. And there are often CISOs who come up with interdisciplinary and creative solutions, sometimes simpler than expected and standing in contrast to the flagship products that do everything but work efficiently without qualified personnel.
Let’s not forget that many great ideas and successes have been created by offensive people like Steve Jobs or meticulous people like Bill Gates… Without sweat and rivalry, customers won’t get the secure services they deserve.