News
Check out and subscribe to our newsletters
Commited since 2013 to make the world a more secure place- Happy 10th Birthday CCLab!
3
min reading time
CCLab reached an important milestone in 2023, as it celebrated its 10th anniversary on April 3. The entire team celebrated this significant event with a 2-day trip at the breathtaking Avalon Resort & Spa in Miskolctapolca at the beginning of May. This remarkable event was full of excitement, heartfelt moments, and learning, just as CCLab has been for the past 10 years.
Internet of Medical Things - how to prepare your product for cybersecurity evaluation
11
min reading time
The Internet of Medical Things (IoMT) has transformed the healthcare sector worldwide by allowing continuous remote patient monitoring, real-time data collecting, and improved treatment results. According to a recent analysis by Grand View Research, Inc., the global IoMT market is predicted to reach USD 861.3 billion by 2030 and to increase at a 16.8% CAGR from 2023 to 2030.
Common Criteria Statistics Report 2022
3
min reading time
It has now become a tradition that each year JTSEC, an ITSEC consulting company, publishes the annual Common Criteria Statistics Reports, an all-in-one report that collects and analyses all kinds of data on various aspects of the Common Criteria market. We are delighted to share that this year CCLab has made it into to report once again, as we conducted the Common Criteria evaluation project of two products under the Italian Scheme (OCSI).
What is IIoT and which industries does it impact?
11
min reading time
The Industrial Internet of Things (IIoT) has emerged as a game changer for manufacturers and developers looking to optimize processes and increase the efficiency of different industries by establishing intelligent networks that connect equipment, sensors, and systems. In 2021, the global market for IIoT platforms and apps for manufacturing industries was estimated to be worth 4.4 billion US dollars. The market is predicted to expand in the following years, reaching 22.3 billion US dollars in 2025.
Consumer IoT security issues you should consider - and how to avoid them
8
min reading time
According to IoT Analytics’s latest report, the number of worldwide Internet of Things (IoT) connections increased by 8% in 2021 to 12.2 billion active endpoints in May 2022. This was much lower growth than in the years preceding the COVID-19 epidemic. The slower increase was mostly due to supply concerns rather than demand, which remains high owing to all of the potential enabled by IoT devices and systems.
Internet of Medical Things cybersecurity - it is more important than ever
7
min reading time
In recent years, the Internet of Things (IoT) has grown from arising technological innovations and inventions to devices and equipment that form part of our daily lives. Smart cars, office buildings, homes, and industries, as well as wearable devices and smart sensors, are ushering in a new era of digitization. However, there are sectors -such as healthcare-, in which IoT is of particular importance.
Wireless security risk: The importance of Bluetooth devices’ Common Criteria certification
6
min reading time
In parallel with the explosive development of digitalization and online work, worrisome statistics regarding cyberattacks are expanding yearly. The outbreak of the pandemic in 2020 significantly increased the wireless security risk and contributed even more to the success of cybercriminals, as many companies had to switch to the home office or hybrid work model almost overnight without any preparation.
NDcPP, the Common Criteria Protection Profile for Networked Devices
6
min reading time
The latest version of the Network Device collaborative Protection Profile (NDcPP) was released in March 2020. NDcPP currently is one of the most popular and extensively used protection profiles among network device vendors and manufacturers to get their product certified.
Medical Device Regulation - a brief overview from a cybersecurity perspective
8
min reading time
According to Cynerio, a healthcare IoT cybersecurity company, 53% of connected medical equipment in hospitals has a known critical cybersecurity vulnerability. A third of bedside connected devices used in healthcare settings have an identified critical risk, which is definitely more worrying in terms of patient safety. This is just one of the many reasons why on 5th April 2017, the European Parliament voted to adopt the awaited Medical Device Regulation (MDR) and In vitro Diagnostic Regulation (IVDR). One of the most critical goals of the new Regulations is to strengthen medical device cybersecurity.
We help with automotive cybersecurity - this is how
7
min reading time
Based on Upstream’s - a cybersecurity and data management platform for connected vehicles - latest report, the frequency of cyberattacks on cars increased 225% from 2018 to 2021. This data perfectly represents the importance of strengthening automotive cybersecurity for the entire industry. In our article below, we provide insight into this topic and its possible solutions. We explain why international cybersecurity standards and regulations are extremely important. Moreover, you can learn how we support automotive cybersecurity at CCLab.
Why is cybersecurity important in smart metering?
6
min reading time
The global market for Smart Meters, estimated at US$10.5 billion in 2020, is predicted to grow at a CAGR of 6.7 percent, reaching US$15.2 billion by 2026. Based on the latest available data, U.S. electric utilities have about 102.9 million smart meter device (AMI) installations while 26.4 million homes and small businesses are equipped with smart and advanced meters in Great Britain.
What is a smart metering device, and what kind of cybersecurity requirements does it have to comply with?
6
min reading time
Smart meters are progressively being adopted globally for a variety of deployments, including electricity, gas, and water. Their two-way communication feature enables real-time tracking of utility usage by both the utility supplier and the consumer.
How to protect your business' Industrial Control Systems?
7
min reading time
Did you know that in the first half of 2021, 33.8% of Industrial Control Systems’ (ICS) computers were attacked, which is 0.4% points (p.p.) higher than in H2 2020? This means that only in the first 6 months of last year, over one-third of ICSs suffered some kind of cyber attack in the world.
What are the main steps of Common Criteria evaluation?
6
min reading time
Our new article will provide you with valuable information if you are considering getting your IT security product or technology CC Certified, or if you are interested to know more about the Common Criteria evaluation process.
With great interest, we held the second part of our Common Criteria, The Security Passport workshop
2
min reading time
It proved to be a good decision to continue our workshop on Common Criteria on 9th June 2022. Many professionals attended to get first-hand information and updates from the world of CC and there has also been a lot of interest in CCGuide, our new educational material.
Common Criteria: can this article give you an answer to all of your questions?
9
min reading time
You probably heard about Common Criteria, but you might be unsure what it means and whether you should get your product or system certified. We will go into detail about this topic so that, in the end, the concept of Common Criteria is going to be perfectly clear.
What Can We Learn From Google Zero's Statistics about Flaw Remediation?
5
min reading time
We all use certain computer products with their software and different applications installed. We never think about opening the window for cyber attacks as we usually believe the software products are safe enough. During a research, Google team has found many vulnerabilities in software used by a great amount of users.
Common Critera, The Security Passport- Part 2.
3
min reading time
We continue our Common Criteria workshop series, join us on 9th June 2022! Insights and updates from the world of CC, so as first-hand information and advice on preparation will be shared with the attendees. CCGuide, a new supporting tool will be introduced to developers who are willing to start a new Common Criteria certification project.
MDR compliance 101: The MDR compliance procedure and its complexities Part 4.
4
min reading time
Medical device cybersecurity solutions, MDR IVDR compliance. The latest article in our medical device cybersecurity related blog series has arrived. Today, we will explain the MDR compliance procedure and its possible complexities that everyone needs to know who has to conform with these regulations and obtain a CE certification.
EUCC - A New Cybersecurity Scheme for the Certification of ICT Products in Europe
2
min reading time
EUCC is a new certification scheme for ICT products that uses internationally recognized best practices and additional concepts used in Common Criteria. Why this is needed and what to expect, read on!
We held our Common Criteria, The Security Passport workshop
3
min reading time
The invited keynote speakers and our team members presented different points of view and it has created a really interesting workshop with nearly 40 participants from different parts of the world, representing a number of respected companies.
MDR Compliance 101: Medical device vulnerabilities and their solution Part 2.
4
min reading time
Medical devices have been around for decades, however they weren’t built with cybersecurity in mind. Even though these connected devices, like insulin pumps, peacemakers or smart MRI scans gain popularity with an increasing speed, their security consideration still lags behind when compared to other IoT devices intended for industrial usage.
Common Criteria, The Security Passport: 1 topic from 4 perspectives
2
min reading time
Our aim is to share practical information and recommendations not only to those who are still be planning Common Criteria evaluation, but also those who have already been involved in such a process.
MDR compliance 101: Medical devices from cybersecurity point of view Part 1.
6
min reading time
IoT healthcare devices are relatively new on the market, and they are gaining popularity with an ever-increasing speed. However, as medical device manufacturers are building devices with healing and state-of-the-art technology in mind, they frequently forget about the security of these tools.
Booming demand for Smart Meters in APAC, but what about reliability & security?
3
min reading time
In 2017, Global Marketing Insights valued the market size of Asia Pacific Smart Water Metering at over USD 85 million and estimated that the annual installation rate will exceed 6 million units by 2024. A year later, in 2018, this number grew significantly.
European Union to regulate IT security of critical infrastructures
4
min reading time
Cybercriminals are no longer seeking to steal personal information only, like credit card details from private individuals, but attempt to hinder or debilitate the operation of online infrastructures that can cause serious upheaval in real life, and is a matter of national security.
How smart healthcare makes hacking a lethal weapon
3
min reading time
Cybersecurity professionals have been alarming the healthcare industry about the threat of exploitation of smart healthcare devices and the doctors’ over-dependence on them until sadly, their warnings became reality, and a person lost her life in a ransomware attack in a German hospital last year.
CCLab's professional contribution to the cybersecurity industry
1
min reading time
Our professionals at CCLab are dedicated to contributing to the cybersecurity industry. Our aim is to help the profession by active participation in many professional forums, where our knowledge and experience could add value.
Certification scheme under the Cyber Security Act
1
min reading time
Being a member of the Ad Hoc Working Group Gábor will represent CCLAB and Hungary on the highest professional level. We proudly announce that our respected colleague, Mr Gábor HORNYÁK was appointed by ENISA as one of the 20 international experts to work as a team and shape the first certification scheme following the European Cyber Security Act framework.
