The General Data Protection Regulation (GDPR) affects all organisations that process personal data (PII) of citizens of the European Union and will apply from May 27, 2018. It imposes on every organisation, big or small, as well as on both PII controllers who collect data and those who process the data, called PII processors, the setting up of adequate protection and compliance with the regulation and to prove, in the case of a complaint or violation, conformity with the requirements and the stated principles of protection. This can be achieved with a well-defined management system and proper documentation. Depending on the risks associated with the processing, it also imposes the appointment of a Data Protection Officer (DPO), a Data Protection Impact Assessment (DPIA) and the formal justification that sufficient measures have been taken to reduce the risk of disclosure, manipulation, or loss of data. These requirements are accompanied by the announcement of extremely severe, proportional but dissuasive, administrative penalties. This presentation explains the requirements on SMEs and gives guidance on how to address them.
Presented by Dr. Carlo Harpes for Jonk Handwierk at LaLux Auditorium in Leudelange.
From 20 to 24 November 2017, Dr Carlo Harpes participated in the ISO/IEC JTC 1/SC 27 'IT Security techniques' subcommittee meeting in Berlin.
This year, itrust consulting continued its sponsorship for HACK.LU 2017 (17/10 to 19/10) and BSides Luxembourg 2017 (20/10), where our IT Security expert Rémi Chipaux presented his project ‘malware hunting chatbot’ in Europe.
On 17th October 2017, Lëtzebuerger Gemengen published an interview with Dr Carlo Harpes, founder and Managing Director of itrust consulting.
Risk analysis is a central approach in the cybersecurity environment; this is why itrust consulting has developed, in partnership with Luxmetering G.I.E., a real-time risk monitoring tool, that represents a technological evolution of its TRICK Service tool. Carlo Harpes, founder and Managing Director of itrust consulting, explains us the result of this three-year collaboration and the benefits of this new tool for companies.
This tool is the result of a cooperation with Luxmetering G.I.E., Creos Luxembourg S.A., and uni.lu and was co-funded by the Ministry of the Economy within the project 'Smart Grid Luxembourg - Cockpit'.
Read the complete interview by clicking the button 'News article' bellow.
IT Security consultant Rémi Chipaux participated at the 25th anniversary DEF CON Hacking Conference in Las Vegas (July 30 to August 2, 2017) and presented his project ‘malware hunting chatbot’ in the USA.
On 21st of June 2017, itrust consulting marked its 10th anniversary with a memorable celebration in LaLux Auditorium in Leudelange.
Together with our partners and customers, we enjoyed the first part of the event - conference with the notable key note speakers
Mrs Viviane Reding, Member of the European Parliament, Professor Bart Preneel, Katholieke Universiteit Leuven and Mrs Larissa Best,
co-founder of the think-tank Équilibre.
The last speech was delivered by Mr Carlo Harpes, CEO of itrust consulting, who gave an interesting overview on the development path
of itrust consulting, past and future challenges and the upcoming plans lying ahead.
The conference was accompanied by entertainment pauses delivered by the excellent performance of PHP Quartett musicians.
During the second part of the event, we enjoyed a walking gourmet dinner during which we exchanged ideas through conversations and networking.
We would like to thank all participants for contributing to the great atmosphere and for allowing us to share this moment with you!
Just before its 10th anniversary celebration, itrust consulting received the official certification of its Information Security Management System (ISMS) from International Certification Trust Services (ICTS) S.à.r.l., with regards to the standard ISO/IEC 27001.
The processes and related documentation established at itrust consulting, covering aspects like risk assessment, business continuity management, data protection, cryptography, operational security, etc., have been declared compliant with the highest standards for Information Security.
Dr. Carlo Harpes, Managing Director and founder of itrust consulting, summarised: ”The security of customer data and data protection according to the GDPR are among our highest priorities, and this certification confirms that our approach works not only for large institutions that have already been certified with the assistance of itrust consulting, but also for SMEs and even micro-enterprises.”
itrust consulting proudly announces the release of a new version of its risk assessment and treatment web application TRICK Service.
TRICK Service is an easy to use application designed to:
perform risk management following ISO 31000, ISO/IEC 27005, and ISO/IEC 27001;
support quantitatively AND qualitative risk estimation;
prepare data protection impact assessments (DPIA): TRICK Service enables to perform impact assessments in compliance with the European Union General Data Protection Regulation.
TRICK Service is composed of many advanced and useful features such as multi-user support, access control, automatic creation of risk analysis reports, risk analysis versioning, visualisation of risk evolution, definition of risk profiles. Furthermore the user has the option to embed his own security control catalogues or international standards adapted to its requirements.
In order to get your 30 days free access rights to our TRICK Service demo verison, feel free to create your own account by clicking on the "Free Registration" button below. In case you have any further questions about the web application TRICK Service, don't hesitate to contact us on firstname.lastname@example.org or by calling us under the following number: +352 26 17 62 12
If you run a small or medium sized business and want to have a basic security check at reasonable cost, then itrust consulting's new vulnerability test offer might interest you.
Our malware.lu CERT team is currently offering a basic vulnerability test package at a fairly low price that will give small to medium sized businesses the opportunity to get a first impression of their security situation. More precisely, we offer an automated scanning service at the price of only 200€.
Hackers are out there lurking for your data. Don't leave yourself unprepared!