itrust consulting applies ‘nudge’ theory to increase customer security

In 2017, Richard Thaler and Cass Sunstein, the founding fathers of 'nudge theory', received the Nobel prize in Economics. The essentials of nudge theory can be summed up in a few bullet points:

• nudges are tiny hints or changes which suggest that one follow a certain direction, but leave all of one’s options open;
• a default option is a very powerful nudge, as it requires one to actively object to it to choose a different path;
• states and other large institutions can use nudges to improve whole societies.

The main New Year’s resolution of itrust consulting for 2019 is to incorporate nudging to the benefit of our customers’ security needs.

The main issue is that people decide emotionally without rationally considering security. Efforts to improve security take attention and resources away from their core business. Moreover, people have a strong tendency to reject constraints and authorities, as these give them the impression that they have lost the power to decide. Nudging rests on the idea that most decisions are actually taken unconsciously.

'Nudging for security' means therefore to prepare the environment so that people unconsciously, but freely, choose the right option for themselves and their security. A nice example of this are the privacy-by-default requirements of the GDPR. It is now up to us to come up with - and implement - others for our customers.

As a consequence, itrust consulting wishes to employ a social scientist to assist in this approach.

Happy nudging for better cybersecurity!

We wish you a Peaceful Christmas and a Happy New Year.

Results of the ATENA workshop on October 18, 2018

itrust consulting and the University of Luxembourg jointly organized and hosted a successful public workshop on 18 October, 2018, focusing on the H2020 ATENA project (https://www.atena-h2020.eu/), the topic of which is Cybersecurity for Critical Infrastructures (CIs).

The purpose of ATENA is to build a suite of integrated tools to help CI operators manage and respond to cyberattacks in near-real-time so as to maintain the necessary quality of service of such infrastructures.

Please use the link below to read the full press release text.

itrust consulting continues sponsoring key events for information security in Luxembourg

Traditionally, itrust consulting continued its sponsorship for ‘HACK.LU 2018’ (16.-18/10), where our IT Security expert Rémi Chipaux presented in the session ‘Unpacking for Dummies’ malware packing mechanisms and counter strategies.
Additionally, for a consecutive year, we sponsored ‘BSides Luxembourg 2018’ (19/10), result of our excellent professional relationship.

ISO/IEC 27001 surveillance audit passed and ISMS enhanced regarding GDPR

itrust consulting successfully passed its ISO/IEC 27001 surveillance audit performed by Certi-Trust Europe, confirming that information security is managed according to the state-of-the art industry standard.

The challenge during the recent year was to become GDPR-ready, while giving priority to our customer needs versus our internal compliance process.

Please use the link below to read the full press release text.