Cyber security

Blog posts

PCI and the return of Javascript supply chain attacks

September 13, 2018. | Timo Ahomäki, Tieto Security Services

Timo Ahomäki

Head of Portfolio Development, Tieto Security Services

In February this year, I wrote about the perils of Javascript supply chain, and how compromised external libraries were used to plant crypto currency miners to browsers of visitors of a large number of UK government websites. I also wrote about some techniques to prevent this from happening to your visitors. More

Markus Melin

Head of Tieto Security Services, Tieto

All around the Internet, botnet-powered DDoS attacks are underway constantly, and they are more destructive than ever before. Why should the C-level in organizations care about this? Because anyone can become a target, and the price tag of an attack may be heavy. More

Yulia Filipovich

Senior Compliance Manager, Tieto Compliance Cloud, Tieto

While we were preparing for the GDPR (General Data Protection Regulation), the US Government implemented a new law – the Cloud Act (Clarifying Lawful Overseas Use of Data), which came into effect March 23, 2018, and has implications for companies handling sensitive data in Europe. More

Peter Österdahl

Business Developer, Tieto Security Services

Election day is almost here in Sweden. Perhaps you have felt angry about particular stories or articles in your social network about the election (or the past election if you are not living in Sweden)? Maybe even shared news and written some comments about it as well. Did you fact check or just share? More

Cagla Salmensuu

Consultant, Tieto

Did you know that the European Union has introduced the first cyber security law in Europe, the NIS directive? For many organizations, its practical implementation and compliance requirements are unclear yet. In the Nordics, the situation is further complicated by the fact that countries are free to choose how they implement the directive as local law. More

Peter Österdahl

Business Developer, Tieto Security Services

Did you know that there are more than 1,000 municipalities within 50 counties just in the Nordics? Think about that number for a second; 1,050 organizations! More

Maria Nordgren

VP, Sales, Security Services, Tieto

It is no secret that reliability and trust are the pillars on which all economic and societal activity can flourish. Not one season passes without a cyber-security breach at a national and sometimes global level around us. More

Maria Nordgren

VP, Sales, Security Services, Tieto

Cyber security is in the spotlight like never before. For many organizations, this has been a fight against the clock to meet the requirements of EU's new data protection regulation, GDPR, before it came into force in May. More

Timo Ahomäki

Head of Portfolio Development, Tieto Security Services

In many ways, help desks hold the keys to the kingdom of all IT environments. They are also helpful by nature. This makes help desks a favorite target for cyber criminals to perform social engineering tricks to gain access. What can we do to make help desks serve users in a more secure manner? More

Yulia Filipovich

Senior Compliance Manager, Tieto Compliance Cloud, Tieto

Cyber security was ranked as one of the top five global risks for businesses at World Economic Forum in Davos, Switzerland in 2018. As the EU General Data Protection Regulation’s deadline has just passed, there is growing pressure on businesses worldwide to ensure that they are making cyber security a top priority. More

Oskar Ehrnström

Sales & Marketing Director, NSEC AB, Part of Tieto Group

Peter Drucker said, "Culture eats strategy for breakfast". This idea has since been adopted by many successful corporate leaders over the years, and many organizations use this as a competitive advantage in their business. My question to you is; Is this also applicable within the Cybersecurity space? Will a Cybersecurity team with a strong culture have a better chance to defend their organization than a team with a clear strategy? More

Petri Koivisto

Senior Security Consultant, Tieto

As noted in a previous blog post looking at cybersecurity trends in 2018, “[t]rust will become an even more important component in doing business in the omnichannel environments.” More

Only dead fish follow the stream

May 15, 2018. | Peter Österdahl, Tieto Security Services

Peter Österdahl

Business Developer, Tieto Security Services

Digitalization forces organizations to re-evaluate their security needs. Feed your digitalization stream by taking a strategic approach to cybersecurity. More

Timo Ahomäki

Head of Portfolio Development, Tieto Security Services

Worried about the approaching GDPR? You don't need to be, because with good planning you can make the regulation a competitive advantage for your organisation. More

Sweden – Trailblazer in cyber security?

April 10, 2018. | Peter Österdahl, Tieto Security Services

Peter Österdahl

Business Developer, Tieto Security Services

Ikea, Volvo, and Spotify. ABBA, Roxette, and Avicii. Sweden has long been a world superpower in both business and culture. Is there anything that would separate Sweden from the rest of the world when it comes to cyber security? More

Maria Nordgren

VP, Sales, Security Services, Tieto

Historically, Identity and Access Management (IAM) has been viewed as a necessary evil. Driven by requirements of compliance and managed by the IT organization, the IAM system is too often viewed as an inhibitor, rather than enabler of progress. But it does not have to be this way. More

Who’s mining their coin in your customer’s browser?

February 27, 2018. | Timo Ahomäki, Tieto Security Services

Timo Ahomäki

Head of Portfolio Development, Tieto Security Services

Do you know what JavaScript supply chain attacks are? Read how to protect yourself against them. More

Cybersecurity 101 – SOC against cybercrime

February 8, 2018. | Gawel Mikolajczyk, Tieto Security Services

Gawel Mikolajczyk

Head of Security Operations, Tieto Security Services

One of the fundamental concepts in combating cybercrime today is the Security Operations Center, or the SOC. More

The genie is out of the bottle – now what?

January 23, 2018. | Timo Ahomäki, Tieto Security Services

Timo Ahomäki

Head of Portfolio Development, Tieto Security Services

The current state of ICS malware, and what can be done about it More

Yulia Filipovich

Senior Compliance Manager, Tieto Compliance Cloud, Tieto

Today, the cloud has been widely acknowledged as an effective and efficient enabler to improve the IT landscape. But many, especially in certain industries, still worry about the security and compliance of cloud services and regard security and compliance as an “apple of discord” for cloud. More

Esa Manneri

Customer Executive, Government sector in Finland, Tieto

Public sector organizations are adapting their processes to ensure GDPR compliance. One major concern is how citizens’ data is spread out in data silos that may be out of sync. Why is this critical, and what must be done? More

Markus Melin

Head of Tieto Security Services, Tieto

With the new year still in its diapers, it is time to do some scrying to see the top cybersecurity trends we expect to be high on the agenda this year. More

Timo Ahomäki

Head of Portfolio Development, Tieto Security Services

Public sector organisations have no immunity from the effects of GDPR. Coming into force in May, it will impact organisations as well as NGOs and the public sector. There is no room for silos in data handling. You need to be aware at all times what private data you have, where it resides, and who is handling it. More

Markus Melin

Head of Tieto Security Services, Tieto

Increasing mobility is a megatrend that shows no signs of weakening. Consumers as well as employees want to stay connected wherever one may roam. But are we carrying a ticking cyber security bomb in our pocket? The answer is a resounding 'yes'. More

Kai Kuohuva

Senior Legal Counsel, Tieto

The EU General Data Protection Regulation (GDPR) is only six months away, and preparations should be well under way by now. More

Tuija Tamghart

Manager, Quality Assurance and Testing Services, Tieto

Most development teams are measured by the amount of functionalities they produce, not on how secure their code is. But you get what you measure. Is this something that should change? What should a software buyer demand from testing? More

Simon Kavanagh

Lifecare Chief Designer, Tieto

Do you remember that Café in Barcelona which served you a delicious cortado while you surfed their free WIFI? Do you remember the personal information you gave them when you signed up? Surely you read their terms and conditions? More importantly, do you know who has your information now and what they are doing with it? More

Maria Nordgren

VP, Sales, Security Services, Tieto

APT, DLP, IAM, UTM – these acronyms are meat and drink to those working with cybersecurity. However, they are not at all familiar to those who decide what and how security investments are made and prioritized: the C-suite. More

Cyber security in the smart age

October 24, 2017. | Markus Melin, Tieto

Markus Melin

Head of Tieto Security Services, Tieto

Our digital everyday life depends on the assumption that every gadget is digitally secure. But are we there yet? More

Markus Melin

Head of Tieto Security Services, Tieto

Many successful cyberattacks are fundamentally very simple. Most of them could have been avoided with thorough security processes and diligent attitude towards patching. More

How do you prevent a coffee machine from hacking your factory?

September 26, 2017. | Timo Ahomäki, Tieto Security Services

Timo Ahomäki

Head of Portfolio Development, Tieto Security Services

You have taken all possible measures to shield your factory against intruders, fires, and power breaks. But had you thought that you should also guard the factory floor against rogue coffee machines? More

Markus Melin

Head of Tieto Security Services, Tieto

Cloud is easy, cloud is good. That’s why companies are extensively utilizing the opportunities it provides. Want to set up an ad-hoc testing environment for a small project? It might have taken several days and a lot of red tape to do this in a closed corporate network, but in the cloud, it’s a matter of minutes. More

When OT meets IT – How to secure factories from hackers

September 12, 2017. | Timo Ahomäki, Tieto Security Services

Timo Ahomäki

Head of Portfolio Development, Tieto Security Services

Manufacturing is among the most targeted industries for cyber attacks. What makes manufacturing industry suddenly such a hotspot of risks? More

Tuija Tamghart

Manager, Quality Assurance and Testing Services, Tieto

The pace of application releases is quicker than ever, and it keeps accelerating. At the same time, the majority of breaches happen through vulnerabilities in applications. Are we failing in something essential in our security efforts? More

Four best practices to secure your containers

August 22, 2017. | Timo Ahomäki, Tieto Security Services

Timo Ahomäki

Head of Portfolio Development, Tieto Security Services

An attack against an improperly maintained container environment could have serious consequences. What can we do to mitigate the risks and secure our containers? More

Check your security in the container revolution

August 15, 2017. | Timo Ahomäki, Tieto Security Services

Timo Ahomäki

Head of Portfolio Development, Tieto Security Services

Container technology has become the foundation for running applications. But what has happened to security? When we containerize our applications, we must be aware of important new security issues. More

Tuija Tamghart

Manager, Quality Assurance and Testing Services, Tieto

When developing web services or software, it is customary to use real production data in testing. But after GDPR, is it still OK to perform testing with personal data such as medical records or job histories? More

Markus Melin

Head of Tieto Security Services, Tieto

Security is in the daily actions we make. And we all know that when it comes to changing habits, warnings and prohibitions just don’t cut it. More

Vesa Luukkonen

Security Solutions Architect, Tieto

Dark Web, and the Tor network, is normally considered only something criminal. But if we take an objective look, it can offer positive uses as well. One such such use could be more secure IoT networking. More

Tomi Behm

Lead Security Services Product Manager, Tieto

One significant but less discussed aspect of the GDPR is data portability. It is a very complicated matter that CIOs, CISOs, IT managers, data architects, and other personal data controllers must research thoroughly. More

WannaCry – What was old is new again

May 16, 2017. | Timo Ahomäki, Tieto Security Services

Timo Ahomäki

Head of Portfolio Development, Tieto Security Services

Last Friday, the world saw an outbreak of one of the most extensive malware breaches in a while. This malware, called variously WannaCrypt0r, WannaCry or WCry, managed to infect tens of thousands of computers globally in the matter of hours. While new types of malware come and go on a regular basis, it was the nature of this particular piece of malware that took the world by surprise. More

Markus Melin

Head of Tieto Security Services, Tieto

The Eurovision Song Contest brings people together for a week of music and fun. Another huge European project affecting all of us, the General Data Protection Regulation, seems to confuse the general public. Companies and organisations must work together to share best practices and raise awareness of the new rules and their implications. More

Markus Melin

Head of Tieto Security Services, Tieto

The upcoming EU Data Protection Regulation, GDPR, includes the end customer's right to be forgotten. More

Maria Nordgren

VP, Sales, Security Services, Tieto

Imagine it’s the summer of 2018. The GDPR is fully enforced, and thanks to the regulation, you are beating your competition by making your customers happier than ever. How could that happen? More

5 easy steps to a better collaborative security team

April 4, 2017. | Peter Dahlberg, Tieto Security Services

Peter Dahlberg

Sales Lead, Security, Tieto Security Services

Many companies are very cautious about sharing their security strategy and plans outside their own company. The main reason is often the fear about information leaking and/or ending up in the wrong hands. But the consequences of not being open with partners, service providers, suppliers and trusted advisors can be costly. More

Markus Melin

Head of Tieto Security Services, Tieto

The hype word of today is AI, artificial intelligence. What does this mean for cyber security? Turns out, a lot. More

Markus Melin

Head of Tieto Security Services, Tieto

One thing that should be crystal clear to everybody is this: visibility is the most important factor in cyber security. To truly digest this you got to put on your pessimist’s glasses. More

Markus Melin

Head of Tieto Security Services, Tieto

What is the biggest burden in cyber security? This question may be answered in multiple ways, but ultimately most answers could be merged into just one single word: Complexity. Luckily, the first step for resolving this situation is within reach. More

Simo Nurmi

Head of Enterprise Cloud Business Development, Tieto

Security management in multi-clouds might feel like an imposing prospect to many of us. Indeed, it is a complicated and intimidating concept, but it can be managed with the same kind of processes and practices that you probably have in place already with your hybrid cloud configuration or even with your data centres. More

Markus Melin

Head of Tieto Security Services, Tieto

According to Chinese zodiac, we have just entered the year of the rooster. Some of the astrologists tell us that following 12 months are going to be filled with surprises and have lots of action. More

Markus Melin

Head of Tieto Security Services, Tieto

Today, one of the key issues for every organisation is the exponential growth of data. It is an obvious consequence of digitalisation and the Internet of Things: a growing amount of information is in a digital format and it can be recorded from all sorts of devices for all kinds of purposes. More

Mikko Peltonen

Lead Solution Architect, Security Services, Tieto

A true IoT breakthrough heavily depends on security. The lack of security standards is a well-known fact, but there are methods for protecting IoT, such as one-way networking. More

Markus Melin

Head of Tieto Security Services, Tieto

The modern society is built on data. Having data stolen or taken hostage isn’t the biggest threat, however. If malicious attackers manage to manipulate our data without us noticing, we’re in deep trouble. More

Markus Melin

Head of Tieto Security Services, Tieto

In my earlier blog about chatbot security I laid out a troubling question: Why should we worry about chatbots? They are such a new phenomenon that we don't have enough information yet to fully estimate the threats they pose to security. More

Never mind the air gap?

December 20, 2016. | Tomi Behm, Tieto

Tomi Behm

Lead Security Services Product Manager, Tieto

Traditionally, industrial control systems (ICSs) are often considered protected from security breaches by default. Why? It's because they have been air gapped; that is, they lack internet connectivity. But air gaps may lull one into a false sense of security. More

Should we worry about chatbots?

December 14, 2016. | Markus Melin, Tieto

Markus Melin

Head of Tieto Security Services, Tieto

2016 was the year that introduced chatbots to the general audience. You know: the AI powered services that you interact with using a chat interface. More

Maria Nordgren

VP, Sales, Security Services, Tieto

Do you also think that enterprise software, in general, sucks? As consumers, we are used to simple user interfaces that make interaction a breeze. If a software or app doesn’t feel natural to use and get the job done, we’ll just dump it. More

Tomi Behm

Lead Security Services Product Manager, Tieto

Will your car take the front seat in cyber wars of the future? More

Cybersecurity in the Trump era

November 15, 2016. | Markus Melin, Tieto

Markus Melin

Head of Tieto Security Services, Tieto

So now we have it: the underdog of all polls, Donald Trump, won the presidency. As the president of the USA has a strong mandate to govern we must also ask ourselves: what will Trump mean for cybersecurity? More

Tomi Behm

Lead Security Services Product Manager, Tieto

A surprisingly big portion of daily business runs on old operating systems that are no longer supported or will soon be out of support. In fact, it has been estimated that a whopping 80 percent of the world's IT systems are running on platforms that may not yet be completely unsupported but can be termed as "legacy" platforms. More

Markus Melin

Head of Tieto Security Services, Tieto

Barack Obama, Bill Gates, and Stephen Hawking are some high profile public figures who have expressed their concern about Artificial Intelligence taking the place of humans in decision making. More

Who shut down Finland?

October 24, 2016. | Markus Melin, Tieto

Markus Melin

Head of Tieto Security Services, Tieto

In a world where everything is connected, ordinary devices can be hijacked and used for evil purposes. Two recent serious DDoS attacks using IoT devices have shown that we may need to adopt a new attitude to security. More

Markus Melin

Head of Tieto Security Services, Tieto

There is a vibrant buzz on blockchain that has reached our Northern shores as well. More

Maria Nordgren

VP, Sales, Security Services, Tieto

We often do data security like we're in Game of Thrones’ Winterfell and the winter is coming. We brace ourselves, build heavy walls and widen the moats. Comfort be damned, but we're gonna be secure! More

Markus Melin

Head of Tieto Security Services, Tieto

Over the last few years, the many digital work platforms by companies such as Uber, Taskrabbit, Thumbtack and Etsy have paved way to a fundamental change in the way we work and create value in the economy. Monday to Friday 9-to-5 employment may not be totally bygone, but it is supplemented and even challenged with new modes of doing work. These so-called gigging platforms allow people to work for several companies at the same time, bringing challenges to the traditional corporate security model. More

Markus Melin

Head of Tieto Security Services, Tieto

In the olden days, every company was extremely jealous of their own data. If somebody dared to suggest exposing it to the surrounding world even a bit, he/she would most likely have been sacked. More

Markus Melin

Head of Tieto Security Services, Tieto

A common misconception in today’s analytics frenzy is that more is more. It goes like this: we have an infinite Internet with endless touchpoints and data storage is cheap. So why not harvest all the customer data one can! Who knows, maybe something valuable we don’t even recognize yet might fall into our laps? More

Markus Melin

Head of Tieto Security Services, Tieto

Companies put much effort in securing their data by technological means. However, firewalls and strict security policies are not enough. According to a survey, 75% of security breaches in large organizations are staff-related. True security is people centric security. More

Markus Melin

Head of Tieto Security Services, Tieto

One of the key topics for me and our business at the moment is EU’s General Data Protection Regulation. It’s a major shift that will rock the world of almost every organisation that is doing business in the EU. More

Markus Melin

Head of Tieto Security Services, Tieto

One out of three CIOs feel that cybercrime is the biggest threat facing their organisation. No wonder: every third CIO also admitted that their organisation had been targeted by a major cyber-attack during the last year. More

Tomi Behm

Lead Security Services Product Manager, Tieto

In the world of datacenters and cloud computing, one of the most interesting new trends is software-defined data center, abbreviated SDDC in professional jargon. More

Tomi Behm

Lead Security Services Product Manager, Tieto

Your organization might feel overwhelmed when faced with the requirements of the quite-soon-to-be-enforced General Data Protection Regulation. More

Markus Melin

Head of Tieto Security Services, Tieto

There is a need for more and more cyber security specialists, but supply of skilled professionals is well behind demand. How can we close the recruitment gap? More

Markus Melin

Head of Tieto Security Services, Tieto

EU’s General Data Protection Regulation has a wide scope, but there’s no need to panic or feel overwhelmed. Work your way through the following practical questions, and complying with the requirements of the new legislation becomes much easier. More

Maria Nordgren

VP, Sales, Security Services, Tieto

You can't avoid security attacks, but you can prepare for them. When you have plans and processes in place, responding to the incidents is faster and more effective. More

Markus Melin

Head of Tieto Security Services, Tieto

There’s a disconnect between how board members think cyber security affairs are run and how security executives know they are run. The key to overcome this communications breakdown is to have a common view on security.  More

Markus Melin

Head of Tieto Security Services, Tieto

Keeping company’s digital assets secure should be the CEOs’ top concern and given enough funds to run smoothly. More

Tomi Behm

Lead Security Services Product Manager, Tieto

"If I could turn back time." The likes of us who work in cyber security know this is not just a pop fantasy by Cher. For security professionals it is a common wish that is usually triggered by a security breach. More

Markus Melin

Head of Tieto Security Services, Tieto

It is far from certain what the detailed impacts of  the new EU privacy legislation will turn out to be in practice, but one thing is for sure: now is the  time to figure out what customer data your organization holds and exactly where that data is stored. This is an effort that will not go to waste no matter what. Unfortunately, it’s probably more difficult than you think. More

Markus Melin

Head of Tieto Security Services, Tieto

How can we ensure that the people who work in cyber security have all the skills they need? More

Are your employees your biggest enemies?

May 25, 2016. | Peter Dahlberg, Tieto Security Services

Peter Dahlberg

Sales Lead, Security, Tieto Security Services

A while ago, an employee of a news wire service Associated Press got the following email: More

Tomi Behm

Lead Security Services Product Manager, Tieto

Markus Melin

Head of Tieto Security Services, Tieto

Tieto Security Services believes in partnerships when offering the best possible level of service and security for its clients. In the cyber security operation center domain we are partnering with Symantec, the global leader in managed security services. This partnership isn't your ordinary security operations center – it's SOC on steroids. More

Markus Melin

Head of Tieto Security Services, Tieto

Markus Melin

Head of Tieto Security Services, Tieto

Hacking a large corporation’s information system is a scene depicted in dozens and dozens of Hollywood movies. The usual story line includes a person infiltrating the headquarters in disguise in order to connect his laptop to the system and get a hold of physical devices such as elevators, doors etc. Mission Impossible is a classic in the genre. More

Markus Melin

Head of Tieto Security Services, Tieto

Ransomware is the new menace in town. It’s a type of malware that prevents or limits users from accessing their business critical data. Ransomware forces its victims to pay a ransom in order to unlock their systems. More

Tomi Behm

Lead Security Services Product Manager, Tieto

When we talk with security professionals in the field, one ever-present theme is the need for more strategic insight into security. And this is where traditional auditing may leave us wanting. More

Which hat do you wear today?

April 14, 2016. | Markus Melin, Tieto | Tomi Behm, Tieto

Markus Melin

Head of Tieto Security Services, Tieto

Tomi Behm

Lead Security Services Product Manager, Tieto

To achieve security in the age of hybrid business, you need to manage users' identities effectively across system and enterprise boundaries. More

Markus Melin

Head of Tieto Security Services, Tieto

Whatever your take about the FBI vs. Apple conflict is, one thing is for sure. It has underlined cyber security as a strategic business asset. More

Markus Melin

Head of Tieto Security Services, Tieto

I got the privilege to once more attend one of the most important security events in the world, the RSA Conference 2106. Staged in Moscone Center of San Francisco, famous for being the place where Steve Jobs introduced the original iPhone and changed the mobile business for good, it gathered together over 40 000 security professionals. More

Markus Melin

Head of Tieto Security Services, Tieto

Tomi Behm

Lead Security Services Product Manager, Tieto

Sooner or later, it was bound to happen. More

Markus Melin

Head of Tieto Security Services, Tieto

The role of CIOs in our hybrid world isn’t always enviable. More

Peter Dahlberg

Sales Lead, Security, Tieto Security Services

Like security itself, security market is diverse and evolves constantly. There’s no shortage of solutions, technologies, components, and partners. If finding a right combination is laborious, keeping an eye on the selected security infrastructure on a daily basis is even more so. More

BYO culture – CIO's nightmare?

February 16, 2016. | Markus Melin, Tieto | Tomi Behm, Tieto

Markus Melin

Head of Tieto Security Services, Tieto

Tomi Behm

Lead Security Services Product Manager, Tieto

If you are forced to work with a company-mandated laptop that weighs a ton, takes fifteen minutes to start up and is a royal pain to use in general, why not ditch it and use your latest-model ultrabook that gets the job done quickly and without additional hassle? More

Markus Melin

Head of Tieto Security Services, Tieto

In security, it has been traditionally thought that no news is good news. More

Tomi Behm

Lead Security Services Product Manager, Tieto

We acknowledge that security in the modern world is a very complex thing that mixes technology, people, behaviours and processes. It would be preposterous to think that one company alone could be able to provide everything that is needed to keep a company’s digital business assets secure. More

Markus Melin

Head of Tieto Security Services, Tieto

As so many of you, also I could be called a hybrid employee. More

CEO: The next security hero

January 19, 2016. | Markus Melin, Tieto

Markus Melin

Head of Tieto Security Services, Tieto

When security is out of sight, is it also out of mind? Let's be honest. If business leaders don’t have a real-time view to their digital assets, isn't there a great danger that they just hope their business is secure? But they don't really know. More

Timo Wuoma

Head of Enterprise Integration Solutions, Product and Sales, Tieto

Thanks to private cloud solutions, large enterprises can deploy SharePoint off-premises without compromising on security. But can it solve their governance problems? More

Mikael Salonaho

Chief Risk Officer, Tieto

Hacking threats have been around for years, but growing digitalization means it's now more important than ever that organisations take steps to protect their IT systems from cyber attacks. More

Mikael Salonaho

Chief Risk Officer, Tieto

Without data communication or IT, it would be very difficult for any organization or company to operate. We have become massively more dependent on ICT than we were a few years ago. More

Stay up-to-date

Get all the latest blogs sent you now!