|We are in the TOP 10 teams in the world of the Capture the Flag competition!||https://www.aec.sk/en/news/Pages/we-are-in-the-top-10-teams-in-the-world-of-the-capture-the-flag-competition.aspx||We are in the TOP 10 teams in the world of the Capture the Flag competition!||<h3>The AEC team, made up of Erik Šabík, Miriam Gáliková, Lukáš Bendík, Petr Řepa and Michal Kališ, finished in a fantastic ninth place in the world-renowned Tenable CTF competition. Our five colleagues, who joined forces as Želvy Ninja (Ninja Turtles), thus considerably improved on last year’s result, which was still an impressive twenty-first place. </h3><div>
</div><div>Five hectic days, 1 357 registered teams, but just a handful of truly successful ones. That was this year’s international Capture the Flag competition organised by Tenable, the American provider of top-class vulnerability monitoring solutions and also one of our company’s major partners. </div><div><br></div><div>
This year, our artists Leonardo, Michelangelo, Raphael, Donatello and Master Splinter relentlessly fought their way through the competition to finish amongst the top ten very best teams from all over the world. From 9 to 13 June 2022 each of them completed a whole range of tasks focused on IT security to win as many points as possible for their team. </div><div><br></div><div>
“<a href="https://tenable.ctfd.io/scoreboard">This year’s CTF was really interesting, especially as it emphasised dealing with attacks from the real world</a>,” said Erik Šabík, adding: “Tenable is a particularly renowned company in the security world, and just because it faces the highest level of current threats on a daily basis, we could expect this competition to be a major challenge.” </div><div><br></div><div>
The Ninja Turtles team was made up of five AEC pen testers, each specialising in a slightly different area, which proved to be an advantage in tasks that covered a broader scope. Erik, Miriam, Lukáš, Petr and Michal first focused on the areas that interest each of them the most, and completed tasks in which they excelled. </div><div><br></div><div>
“We worked together to try to find solutions to the most difficult tasks,” explained Erik Šabík. He said that, paradoxically, the team struggled most with the lesser-scoring, tasks, which were apparently easier. Yet they coped very well with the toughest assignments. </div><div><br></div><div>
The tasks in this year’s Tenable Capture the Flag included web applications, reverse engineering, cryptography, steganography and forensic analysis. There were a couple of tasks focusing on the Tenable Nessus scanner, as well as on analytical thinking. </div><div><br></div><div>In the opinion of our successful colleagues, what helped them the most in this year’s achievement was the skilled make-up of the team and the fact that the hardest tasks they had to deal with were not so different from what they face in their work for AEC.
|Security 2022 Conference: the online world is getting hotter, risks are escalating||https://www.aec.sk/en/news/Pages/security-2022-conference-the-online-world-is-getting-hotter-risks-are-escalating.aspx||Security 2022 Conference: the online world is getting hotter, risks are escalating||<p>
<span style="color:#6773b6;">Covid-19 and Russia’s invasion of Ukraine have changed the IT environment to such an extent that it will never be the same. What risks do we face and what scenarios can we expect to unfold? Participants at the Security 2022 conference on international cybersecurity also pondered this.</span></strong> </p><p>After a two-year hiatus enforced upon us by the coronavirus pandemic, we managed to organize the 28th Security 2022 conference. This is the largest independent event in the Czech Republic to focus on cybersecurity and took place on Tuesday 7 June in Prague.</p><p>“We are glad that this year we managed to successfully build on previous years,” said Igor Čech, marketing manager at AEC, adding: “We are pleased that we could once again meet everyone in person, and I really appreciate the big turnout.”</p><p style="text-align:center;"><img class="maxWidthImage" src="/cz/PublishingImages/news/2022/security-2022-063.jpg" data-themekey="#" alt="" style="margin:5px;width:658px;" /><br><br></p><p>The lectures, covering the most topical cyber security issues of the day, were divided into two parallel sessions. They were attended by 580 registered participants. This year’s event was dominated by topics related to Covid-19 and, in particular, the war in Ukraine.</p><p>This conflict changes many of the rules. Global development scenarios are unclear, the business environment is unstable, and governments are increasingly willing to resort to tough regulations. The time when everyone did business with everyone else is over, and corporate leaders are being forced to face risks that are escalating in ways never before imagined.</p><p>In their presentation, the experts from Gartner more or less outlined this framework of current events and then proposed four possible scenarios for future developments in political and economic relations. Unfortunately, none of them even remotely envisages a return to the stability of previous years.</p><p>The packed hall also listened to our colleague, Ukrainian security specialist Yehor Safon, who filled us in on the little-known circumstances of the cyber war between Russia and Ukraine, described sophisticated attack vectors, as well as those defence techniques that have proven to be effective.</p><p style="text-align:center;"><img class="maxWidthImage" src="/cz/PublishingImages/news/2022/security-2022-060.jpg" data-themekey="#" alt="" style="margin:5px;width:658px;" /><br><br></p><p>This year, 27 speakers from the Czech Republic and abroad presented their papers. The presentation by Israeli expert Paul Moskovich, who vividly described the tale of an unprepared company that failed to cope with the fatal consequences of a cyber-attack, received well-deserved attention.</p><p>So, which lectures did the Security 2022 conference participants vote for most? Firstly, the one by cryptologist Tomáš Rosa from Raiffeisenbank about the fundamental weaknesses in the security of the eRouška app, where it turned out that not all aspects played in our, the users’, favour.</p><p style="text-align:center;">
<img class="maxWidthImage" src="/cz/PublishingImages/news/2022/security-2022-108.jpg" data-themekey="#" alt="" style="margin:5px;width:658px;" />
</p><p>Then there was the presentation by Robert Šuman, in which the head of ESET's research laboratory gave a detailed mapping and a timeline of the activities of three major pro-Russian hacker groups and their role in attacks on Ukrainian IT infrastructure.</p><p>Last but not least, the presentation by security specialists Lukáš Renec and Katarína Galanská from our company grabbed the audience’s attention. In their presentation, they gave listeners an entertaining insight into the preparation and course of a simulated social engineering attack on large banking houses in the Czech Republic.</p><p>“We are delighted with the evaluation and the feedback, it is clear that the conference met its purpose,” said Igor Čech and concluded, “The quality of the lectures, the interesting discussions and the overall friendly and shared atmosphere all contributed greatly to this. We would like to focus even more on networking in the future.”<br></p><p style="text-align:center;">
<img class="maxWidthImage" src="/cz/PublishingImages/news/2022/security-2022-092.jpg" data-themekey="#" alt="" style="margin:5px;width:658px;" />
|We are now TISAX certified||https://www.aec.sk/en/news/Pages/we-are-now-tisax-certified.aspx||We are now TISAX certified||<p>We have recently added another important standard to the list of our security certifications. Following the implementation of all necessary measures we have obtained TISAX® certification. This is a German security standard that guarantees the trustworthiness of organizations and their ability to protect the information of automotive industry partners.
<br></p><p>“As a company that offers its clients the highest level of cyber security, information security comes first,” noted Hana Vystavělová, AEC Compliance Manager, who added: “Our efforts to obtain TISAX® certification were helped considerably by the fact that we have long been compliant with the current international ISO/IEC 27001 standard, which defines the requirements for information security management systems.”
</p><p>Over time, representatives of the automotive industry have come to demand the systematic and trustworthy information security assessment of partners in the form of TISAX® (Trusted Information Security Assessment Exchange) certification. The reason for this is the growing amount and importance of sensitive information exchanged and processed between automotive service providers and suppliers.
</p><p>The TISAX® certification guarantees the ability of companies to protect the information of their clients and associates and minimize cyber risks. This confirms the ability to meet the most demanding customer requirements, including preventing misunderstandings and risks when exchanging information and protecting prototype <a href="https://portal.enx.com/en-US/TISAX/tisaxassessmentresults/?fbclid=IwAR0qPrh1b-SINsf80FlvVsEJkV945pC6ikH_RZENda7AhiP-kpl7mu6MxdU" target="_blank">the ENX portal</a>. </p><p style="text-align:center;">
<img class="maxWidthImage" src="/cz/PublishingImages/news/2022/aec-tisax-statement-2022.jpg" data-themekey="#" alt="TISAX" style="margin:5px;width:658px;" />