Browse an archive of past issues of our magazine

back  Back to DSM magazine...

DSM 2015/2

2015 2Main topic: Reporting incidents, user authentication

 PUBLISHED: 18.6.2015

rr These articles were subject to peer-to-peer review

Click on headline to see more about article

Interview with Marie Kovářová

Petr Hampl
A board member of Ceska Pojistovna explains her view on information security, especially on investment approvals processes, long-term strategies, requirements on a chief information security officer and risk appetite. Trends, future technologies and new threats are also discussed.

Interview with Jeffrey Bardin

Petr Hampl
The leading information officer of the Treadstone 71 project states that defense based strategies have failed. According to him, a new paradigm is needed, based on a counterstrike or even a preventive strike. Mr. Bardin also explains his view on the role of the State in information security as well as his view on the relationship between an IT manager and a chief information officer.

Reporting of security incidents rr

Edited Andrea Kropáčová
The key rules and guidelines of security incidents reporting are discussed in this article. The content of reports, communication channels, the critical need of speed and the role of creativity in incident response are also explained. The final part of the article is focused on the role and the operation methods of the Computer Security Incidents Response Team in the Czech Republic.

The implementation of encrypted virtual servers rr

Jiří Vrbický
A case study from a data center describes an implementation of a technical solution enabling clients to choose what virtual servers are encrypted and also to keep encryption keys under their control. In the first part, the technical requirements are explained. This is followed by a process of product selection, feasibility study, implementation and integration into the client interface of data center services.

Multiple factor authentication with a token rr

Jakub Horák, Václav Špáňa
The initial part of this contribution focuses on the limits of single factor identification as well as the limits of using a mobile phone as the second factor. The basic requirements of any token based solution, authentication process, implementation and integration to multiple applications are also explained.

Fraud detection in the online environment rr

Jan Mészáros
A general model of online fraud and a system for its detection are introduced in this article. Fraud targets, the persons involved, ways of fraud realization (social engineering, man-in-the-middle, malware) and key features are covered. Special attention is dedicated to techniques of fraud detection, including fingerprinting, robot detection, behavior analysis and rules application.

back  Back...

Contact us

TATE International s.r.o.
Hořejší nábřeží 21, 150 00 Praha 5

phone  Phone: +420 737 215 220
email  E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.


Na naší webové stránce používáme cookies. Některé z nich jsou nutné pro běh stránky, zatímco jiné nám pomáhají vylepšit vlastnosti stránky na základě uživatelských zkušeností (tracking cookies). Sami můžete rozhodnout, zda cookies povolíte. Mějte prosím na paměti, že při odmítnutí, nemusí být stránka zcela funkční.

Back to top