<img src="https://certify.alexametrics.com/atrk.gif?account=kla4t1zDGU20kU" style="display:none" height="1" width="1" alt="">
Contact us
Request demo →
Contact us

Use case: Provincie Overijssel

by Sebastiaan Bosman Use case 17 Aug 2020

For governmental organisations, it is important to have a clear overview of their digital footprint and risks. They need to ensure the right policies are in place when it comes to cybersecurity. To illustrate their challenges, and the benefits of digital footprint management, we've interviewed one of our customers from the governmental sector. Rick Verkade, Security and Privacy Specialist at Provincie Overijssel shares his experiences in this interview.

Rick, can you tell something about your role and the organisational structure of the Provincie?

“Of course. I actually have somewhat of a fresh outlook on the cybersecurity challenges within the organisation. I started my current job a few months ago, coming from a background in crisis management, where I prepared an organisation for crisis situations and advised management during incidents. Before I joined the Team Security & Privacy at the Provincie, their responsibilities were growing, which resulted in the CISO and Data Protection Officer having to do some operational tasks as well. That wasn’t what they were assigned to do as they hold more strategic positions, thus creating the need for my role.
“The Provincie Overijssel functions as the bridge, as it were, between the national government and the 25 smaller local municipalities within its borders. It controls policies and information in a broad sense, such as the infrastructure and environmental aspects, but also data on the 1.15 million residents. Naturally, it’s vital none of it is stolen or leaked, regardless of whether the data is sensitive or not. The security and management of the IT systems are my main responsibilities.”

What were your first priorities and challenges?

“Initially, I had to learn two things: the organisational structure and processes, and the digital environment. The latter was the more difficult of the two, as this was already a challenge before I joined. It was the CISO and Data Protection Officer who had started to map our online presence, but they could only do so much with limited resources and their governance-related tasks. So gradually, that task became one of my responsibilities. That way, I could provide the information he needed to set effective policies. However, before you can start to report on our security levels, you need to know what you have to secure in the first place. Logically, plans and policies are more useful when based on the entire digital infrastructure.

What impacted the need for a solution?

“The factors complicating our asset inventory were the way IT and organisational practices were set up. On the IT side, we use a shared service centre for certain IT procedures and to host our domains. On an organisational level, we have a decentralised approach, resulting in more autonomy for individual departments. When, for instance, a marketing team wants to create a domain, that request is processed by the shared service centre, and a new domain pops up. However, this is not always clear to us, meaning we can’t keep track of the exact number of domains, the information shared on those domains, security certificates and more.

“There were three questions we had to answer:

  • Which domains are out there?
  • Which domains are under our management?
  • What are the security risks of the domains?”
How did you fill those information gaps?

“There was no real solution in place, neither manual nor automated. We needed something that superseded the alternative of having to constantly check in with the shared service centre for new domain and security updates. Information security is my team’s responsibility, so we wanted to stay in control ourselves and not be dependent on our service centre – even though we know we can trust them.
“We had to start at the beginning. As there was no previous solution or tool for the asset inventory, this was the moment to create a solid foundation. Doing it right and thoroughly was important, and that’s what we needed help with. We are not yet at the stage to track security performance or policy effectiveness, but the inventory has grown with every confirmed asset the platform identified. We have already found more assets than we thought we had.”

What are the next steps?

“We will keep mapping our digital footprint to create an ever-increasing overview. The automated risk categorisation makes it easier to prioritise any critical vulnerabilities and risks right away, but the focus thus far has been on getting a full picture. It’s insightful to see what domains are related to our organisation, and who should manage them. We don’t take ownership of domains that aren’t under our team’s control, but the detailed information and suggested action per asset helps to steer other departments. Together, we’ve made significant progress to strengthen our cyber-resilience.”

Perhaps we can meet again for a second interview in a few months, to see how the insights into our digital footprint have developed?



More resources

Forwarding your call: How do DNS and CNAME records work?

The web is in a continuous state of dynamic development, with websites being created, updated, and deleted every day. These websites are the digital equivalent of a rented property. Similar to physical properties, visitors will need a precise address to visit you.

read more

Digital Footprint explained: What is it & where does it come from?

It's the term we use the most: Digital Footprint. It is the foundation of your organisation’s digital infrastructure. It’s the starting point of your IT security policies, configuration database management, vulnerability mitigation, and much more. In this blog, we’ll shortly describe what drives the need for a Digital Footprint solution, share our definition of the term, and explain how it minimises the risks to your brand.

read more

Swagger API: Discovery of API data and security flaws

APIs (Application Programming Interface) are used by applications to communicate and interact between systems, access data, and much more. It makes sure you get the correct response on a request. However, if someone were to intercept this request-response, they could potentially misuse the data or alter the process. Cyber-criminals scan the internet for unsecured APIs on a daily basis. If not properly secured, this can lead to unauthorised access to internal data or customer information. What’s more, in some cases it allows tampering with data directly from an exposed API. This technical article focuses on mapping and discovering Swagger APIs throughout the EU. We will present how we discovered those APIs and checked for misconfigured examples. We will illustrate each step using screenshots, present the results, and provide defensive recommendations. Research conducted by Soufian El Yadmani, Security Analyst at Cybersprint The interactive map below shows how many Swagger APIs we found, and in which region. You can click, drag and zoom to see how many Swagger APIs were found in your area.    

read more

Do you have a question?

Our experts have the answers

Contact us