Audits and regular reviews: How an ISMS is continuously improved
An ISMS is not a project – It is a process. The information security management system (ISMS) is already implemented in many companies or in the process of being introduced. But even with a cleanly documented system, up-to-date policies, and a completed audit, the work is not done. On the contrary: An ISMS that is […]
NIS2 is coming – are you ready?
Many companies that previously did not consider themselves “critical” are suddenly in the spotlight of European cybersecurity regulation. IT management, executive leadership and security officers in medium-sized companies are currently asking: Are we affected by the NIS-2 Directive – and what exactly does that mean for us? On 30 July 2025, the Federal Office for […]
Critical Security Vulnerability in Microsoft SharePoint: Urgent Action Required for Businesses!
“The on-premises instances of Microsoft SharePoint are currently threatened by highly critical security vulnerabilities. This means action is required. Some of these vulnerabilities are already being actively exploited.” Claudia Plattner, President of the BSI. Video message from the BSI: In a recent video message, the Federal Office for Information Security (BSI) issues an urgent warning about a […]
Digitalization in public administration: opportunities, challenges, and how Honicon GmbH’s Cyber Security Check helps
A conversation among equals: What digitalization in public administration means today. The digitalization of public administration is a central topic for public authorities and companies alike. As part of a recent conversation between Helene Brubrowski and Claudia Plattner, a renowned expert in public-sector digitalization, it became clear: The biggest challenges lie not only in outdated […]
What is risk management based on BSI Standard 200-3 in the context of NIS-2 and IT-Grundschutz?
NIS-2 shifts the focus of information security. It’s not just firewalls, patches, or individual technical measures that take center stage, but the management of risks. Legislators and regulators are turning their attention to structures, responsibilities, and how organizations identify, assess, and treat risks. The BSI IT-Grundschutz has provided a framework for this for years. With […]
More security by law: Bundestag passes the NIS 2 Implementation Act
ℹ️ tl;dr On 13 November 2025, the Bundestag transposed the NIS 2 Directive into German law without transitional periods. The BSI Act (BSIG) is comprehensively redrafted: expanded catalogue of obligations, central risk management, supply chain security, and strict reporting duties. The scope is greatly expanded and covers significantly more companies, suppliers, and authorities at the […]
Do you really need Verinice, HiScout & Co.? – How an ISMS works with Jira and Confluence
ℹ️ tl;dr NIS2 requires many organizations to set up an ISMS. Instead of expensive specialist tools like Verinice or HiScout, Honicon relies on Jira, Confluence & asset management. Documentation, risk management, and business continuity can be implemented seamlessly there. Benefits: less complexity, lower costs, familiar tools, higher adoption. Information security thus becomes part of everyday […]
30th DFN Conference “Security in Networked Systems”
The 30th DFN Conference “Security in Networked Systems” took place from 8-10 February 2023 in the Grand Elysée Hotel Hamburg. The event is organized yearly by DFN-CERT and well established in the security field. Last week we visited the DFN Conference on IT Security in networked systems. The DFN Conference addressed issues relating to information […]
Secure login – once for all applications
Kantega SSO Enterprise – the Swiss Army Knife for Authentication. Who doesn’t know this these days – many portals, many logins and many passwords. For many of us, keeping track beyond password managers and password policies is clearly a challenge. Atlassian applications are no exception. Whether it’s Active Directory, Red Hat Identity Management, Keycloak, Oktave, […]