Open post
säkerhetsprodukt link22

Three government security challenges solved with data diodes

Three government security challenges solved with data diodes

As government authorities are becoming more vulnerable to various types of cyberattacks, it is crucial to prioritize cybersecurity and implement systematic measures to protect against these threats. An important aspect of cybersecurity is selecting the appropriate solutions, such as data diodes, which are designed to withstand attacks and provide a high level of security for sensitive information. By utilizing data diodes, government authorities can effectively address a range of IT security issues and ensure the protection of data security.

The data Diode
A data diode is a cybersecurity solution that utilizes one-way-communication to exchange information. This hardware product provides high assurance in maintaining the integrity of networks by preventing intrusions, while also protecting sensitive information through maintaining network confidentiality. Data diodes are an important part of any comprehensive cybersecurity strategy.

säkerhetsprodukt link22

Data diode or Firewall?
When it comes to protecting sensitive or classified information from leakage or manipulation, one common solution is to completely disconnect it from other networks. However, there may be times when data needs to be transferred to or from the protected network. In these cases, a firewall may not be sufficient for improving cybersecurity. While a firewall can help protect the network by only allowing certain traffic through, a high assurance supplement in the form of a Cross Domain Solution (CDS) may also be necessary. A CDS, like a data diode, helps to maintain secure information exchange between domains with different security or protection needs. Data diodes, specifically, are a type of CDS that facilitate communication, sharing, or movement of information between domains while also applying validation, transformation, or filtering to the exchange.

Secure File Transfer
One use of data diodes for government authorities is secure file transfer. When transferring important information from a high-security system to a lower-security administrative office network, there is a risk of security breaches. However, by using a data diode to send the data from the high-security network to the lower-security network, the information can be transmitted safely while maintaining the integrity of the high-security network. The data diode ensures that no one can use the same connection to access the sensitive network and potentially manipulate it while also protecting the sending domain.

Learn more about the functions of data diodes here.

Using data diodes for traceability and logging in security-sensitive operations
Centralized log collection in security-sensitive systems can increase the risk of attacks. To mitigate these risks, a solution is needed that protects both log information and all connected systems.

Many IT systems generate logs that allow for troubleshooting and traceability. To maximize the usefulness of these logs, it is important to collect logs from as many systems as possible into a central system for storage and analysis.

If you have security-sensitive or zoned systems and want to implement centralized log collection, you must consider the inherent goal conflict. Logging benefits from having a common system for all zones/subsystems, but a common system increases the risk of various types of attack and the risk of information leakage between the supervised systems.

Data diodes can provide powerful protection for centralized log collection. Each zone that delivers log information is protected with a data diode. The data flow is unidirectional towards the log system. This allows for the use of a common log system, regardless of the number of zones that deliver data to it. 

Read more about logging and CDS here.

Welcome Henrik Nilsson!

Secure Updates
As the use of Windows and/or Linux based systems within ICS/SCADA has grown, the need to update these systems has become more pressing. This is because complex software often contains bugs that need to be fixed in order to maintain system stability and security.

However, if not done properly, the process of updating can itself pose a security risk. The integrity and availability of the systems must be maintained, and most system updates are not adequately evaluated in the environment in which they are used or in combination with the applications that are running.

One way to securely perform updates is by using a data diode to ensure one-way communication. The data diode is connected in such a way that information can be imported into the system, but since no traffic can be transmitted in the opposite direction, information leakage is prevented.

We know the in and outs of data diodes from a cybersecurity point of view. Please do not hesitate to ask us anything.

Book a demo or a meeting here.

Welcome Henrik Nilsson!
Open post

A national safety discussion secured by Shield

A national safety discussion secured by Shield

A meeting between military Officers and the ministry of defense is held with security support from Shield

Mobile phones are relatively easy to use for eavesdropping on meetings. Phones are therefore an attractive target for foregin powers who want to conduct espionage. They can be hacked through downloaded apps that have access to the microphone and by physically getting a hold of the phone to install malicious software. This means that a phone should never be left out of sight and that a phone never should be laying around during a meeting where sensitive information is discussed. An obvious cyber security conundrum.

Safety meeting

Shield is our solution to this problem, a noise-box especially developed to make phones less of a security risk. Here is an example of how Shield can be useful in a meeting between politicians and national defense.

Two high ranked officers have a meeting with the defense ministry and two politicians from the ruling party. None of the participants want to leave their phone out of sight as it is a security risk for them. They enter the meeting room and put their phones in Shield. One of the politicians has a smartwatch that she puts in the Shield. The meeting is held at full discretion.

Read more about Shield here.

Welcome Henrik Nilsson!
Open post

The Year 2022

The Year 2022

2022 has been a record year for Link22. Not only have we closed record-large deals, but we have also gained renewed trust from our customers when it comes to protecting critical infrastructure, integrity, and data. Our customers have been very satisfied with this year's deliveries, which is the most important thing for us.

But it's not just our customers who have shown trust in us. We have also been named a Gazelle company for the third year in a row by Dagens Industri, something we are very proud of. In addition, our CEO Conny Ljungqvist has been nominated for Entrepreneur of the Year by EoY.

During the year, we have also participated in Innovation Day and the cybersecurity fair Sec-t, which has given us the opportunity to showcase our products and services to a wider audience. We have also expanded our office with new, nice premises, which has given us even more room to grow and develop. In addition, we have strengthened our team with several new employees, including Björn Knuthammar, Peter Alvarsson, Joakim Forsberg, Kevin Kvissberg, Elis Hallqvist and Hanna Karlström.

We have been Quality Certified according to ISO 9001:2015, which is important because we promise to deliver uncompromising security and therefore consistently high quality.

During the past year, we have launched new products, including the Data Diode Proxy 3.5, which has been well received. This shows that we are not only a reliable partner, but that we also constantly strive to develop and improve.

Finally, we would like to thank all of our customers and partners who have placed their trust in Link22 during the year that has passed. We look forward to an even stronger 2023 together with you.

The employees at link22 donated their Christmas gifts to charity through the Red Cross.

Merry Christmas and a Happy New Year from all of us at link22!

Open post

Cyber security for the toughest security requirements.

Cyber security for the toughest security requirements

More of everything
We feed more people with fewer resources, we educate more humans faster and more people live in luxury. All thanks to the printing press, the agricultural revolution and the industrial revolution. It's now clear that digitalization is taking over in order to optimize and improve society further. Products are being connected, information is being created and shared in real-time, people are meeting, value is being saved on blockchain networks, and the list goes on. Society is changing fundamentally and everyone is affected.

Cybersecurity
What was once protected by guards, locks, and long distances need new types of defense in our digital world. Cybersecurity is essential to maintain function and security in society. Our product portfolio is the result of 16 years of helping organizations and businesses meet the highest security requirements. We offer the market-leading off-the-grid laptop Outpost, which is used by hundreds of customers. Outpost is the best in the industry and ensures compliance with the highest security requirements in Sweden.

Full control
Government agencies, businesses, municipalities, defense forces, infrastructure, and individuals are all interconnected. The economies of scale are obvious and the challenges are many.

How do we protect critical infrastructure? How can we digitize government agencies without jeopardizing the integrity of the citizen? How can we link domains with different security classifications? How do we give people access to data without making them targets for extortion? How do we make it easy for citizens to administer their personal data without enabling manipulation from anyone else?

Welcome Henrik Nilsson!

Take back control
To have full control, meet data security requirements and privacy guidelines, the solution in many cases is a so-called on-premises solution. We are specialists in this area. A number of cases have taught us how a government agency or company can maintain its effectiveness without having servers, data storage or processor power outsourced to a third party. Full control without compromise.

Adaptability
The digital landscape is constantly changing, so adaptability is key. We deliver ongoing modular solutions to help our customers who constantly face new needs, requirements, and threats. We are a long-term and reliable partner in an ever-changing world of cybersecurity.

Contact us for a free initial consultation on how we can work together to address your cybersecurity needs.

Welcome Henrik Nilsson!
Open post

Shield preventing insider trading within big pharma

Shield preventing insider trading within big pharma

Shield helps to safely reveal test results from cancer medicine research within a pharmaceutical company

Mobile phones are relatively easy to use for eavesdropping on meetings. Phones are therefore an attractive target for competing companies and insider traders who can benefit from conducting espionage. They can be hacked through downloaded apps that have access to the microphone and by physically getting a hold of the phone to install malicious software. This means that a phone should never be left out of sight and that a phone never should be laying around during a meeting where sensitive information is discussed. An obvious cyber security conundrum.

Shield is our solution to this problem, a noise-box especially developed to make phones less of a security risk. Here is an example of how Shield can be useful when sensitive information is to be discussed at a big pharmaceutical company.

Insider trading prevention

A publicly traded pharmaceutical company that is a lucrative target for insider traders has an internal meeting to go through test results for a new cancer medicine. The information of discussion will heavily affect the stock price. None of the participants can leave their phone out of sight since an unattended phone is at risk of being manipulated. All phones and smartwatches are put inside Shield before anything regarding the tests results are discussed. Shield is placed inside the meeting room.

Read more about Shield here.

Welcome Henrik Nilsson!
Open post
sections consulting services

The NIS2 Directive

What is the NIS and NIS2 directive?

About the NIS directive (The Directive on security of network and information systems)
The purpose of the NIS directive is to heighten the security levels for critical infrastructure in the European Union.

link22 and the NIS Directive
The NIS Directive affects each company and organization differently, there is no one-size-fits-all solution to meet the requirements and stay efficient. It can be hard to assess whether or not the NIS Directive affects your company at all. We have helped governments, organizations and companies with challenges like this for 16 years and can be of use in many ways. It can seem complicated to determine what this means for you; what are you obliged to do or not to do? If you are unsure about this we suggest that you book a demo with us where we make an assessment together. Based on your situation we reason together and specify what you need to do to meet the new requirements and most importantly to secure what's valuable in your possession.

What does the term “directive” mean in this context?
It means that it can be incorporated differently in every member state to functionally harmonize with local legislation. In Sweden, the NIS-directive came into force on august the first in 2018 though The information security law.

Why does the NIS directive exist?
The NIS-directive was created to protect european citizens by heightening security around critical infrastructure within the member states. Specifically by improving information security related to critical infrastructure.

Digitalization gave rise to NIS and NIS2
The number of hacker attacks from criminal organizations and nation states has increased significantly. Attacks are more sophisticated and so are the motifs. Hackers are not just in it for money, elections and national security is also at stake. Cyberwar is a fact. There is good reason to prevent and prepare for attacks to keep critical infrastructure intact. The NIS and NIS2 directive is ultimately meant to serve european citizens.

The NIS directive affects certain industries
Energy, health care, transport, finance, water supply and digital infrastructure are considered critical according to the NIS directive. Companies and organizations within these sectors are obligated to secure their information according to the NIS directive.

Welcome Henrik Nilsson!

The NIS directive in reality
The NIS directive means generally stricter security requirements around information security. Concerned entities must consider people, process and technology when securing information. They need to classify information and systems. These entities must also prepare for the eventualities that an attack may lead to and specify action plans to increase resilience. Continuous knowledge gathering by incident reporting is mandatory with the purpose of always becoming more prepared. Companies and organizations are expected to direct their NIS-related actions towards network and information-systems

To oblige- and benefit by the NIS-directive
The NIS directive is a useful place from which to start making valuable cybersecurity improvements. Best practice in this case may be to first create an overview of the organization as a whole and then extract potential and useful changes in order to improve information security. Some processes are crucial for core functionality, some individuals have access and responsibilities that make them targets for extortion and some parts of the technical infrastructure are more vulnerable than others. This is properly complemented by an external assessment of the external cybersecurity landscape, specifically what kind of attacks that are common and what kind of attacks that may become common in the future. Information transfer between security domains and/or networks are, for example, one of the most exposed and vulnerable situations in cybersecurity today. Implementation of data diodes, countersign and encryption are three actions that will make a significant difference for many organizations in the coming years. Separate domains for different security levels is a good idea that can be implemented when one has specified what information is more important than the other. A clear information hierarchy is necessary to maintain efficiency and security.

The NIS-2 directive to improve the NIS directiveThe NIS directive includes continuous review to ensure incremental improvements and adaptations to meet the change rate of the digital world. This has resulted in NIS 2.

Welcome Henrik Nilsson!

Identified weaknesses

  • European companies do not have sufficient ability to defend themselves against cyber attacks
  • European companies do not have sufficient ability to stay operational during a cyberattack
  • European companies do not have sufficient ability to return to normal functionality after a cyberattack
  • Some sectors and states are significantly stronger than others, the European digital landscape has obvious weaknesses
  • The cyber threat awareness among EU member states is low
  • There are no common crisis management practices regarding cyberattacks within the EU

Improvements through the NIS 2 Directive
The NIS directive has been extended to further enhance security. Here are some of the most important add ons:

  • New sectors have been added
  • Increased minimum security and reporting requirements
  • Stricter supervisory measures for nation authorities
  • Stricter compliance requirements for nation authorities
  • Administrative fines has been made possible
  • Increased cooperation and increased information sharing between Member States' authorities

The NIS2 Directive affects more entities
NIS2 covers more sectors and more companies and organizations within each sector. The original NIS-directive considers energy, healthcare, transport, finance, water supply and digital infrastructure as critical for a functional society. With NIS2, public administration, pharmaceutical production, critical medicine technology and space has been added to the list.

The NIS2-directive also affects sectors in the periphery of critical infrastructure, these include; waste disposal, chemicals, post service, food, motor vehicles, production of medical machines, computers and electronics, machine equipment and digital suppliers

The majority of affected entities are medium and large enterprises within the above mentioned sectors but some small companies may also be affected depending on their profile.


link22 and the NIS Directive
The NIS Directive affects each company and organization differently, there is no one-size-fits-all solution to meet the requirements and stay efficient. It can be hard to assess whether or not the NIS Directive affects your company at all. We have helped governments, organizations and companies with challenges like this for 16 years and can be of use in many ways. It can seem complicated to determine what this means for you; what are you obliged to do or not to do? If you are unsure about this we suggest that you book a demo with us where we make an assessment together. Based on your situation we reason together and specify what you need to do to meet the new requirements and most importantly to secure what's valuable in your possession.

Click here to book a demo.

Open post

Björn Knuthammar joins link22

Björn Knuthammar joins link22

Välkommen Peter Alvarsson

It is with pride we announce that Björn Knuthammar just joined team link22. He brings with him years of valuable experience from The Swedish Defence Research Institute, RISE, Flextronics and Ericsson. We asked a few questions regarding work, cybersecurity and life in general.

Björn puts competence and exciting technology first. Cybersecurity excites him because it is a technical challenge with societal security at stake. He welcomes the change it means to go from a large to a small company;

“I look forward to working in a small company with tight communication between leadership, sales and development.”

Björn spends his spare time in the woods, either running or looking for a golf ball as a consequence of a missed shot.

We are on an expansive and exciting journey. If you or anyone you are in for a rewarding challenge in an industry with a bright future we recommend a visit at our career site.

Open post

Shield preventing insider trading at a municipality

Shield preventing insider trading at a municipality

Discussing a stock price-affecting construction permit at a municipality

Mobile phones are relatively easy to use for eavesdropping on meetings. They are therefore an attractive target for people who seek to steal information of value. Phones can be hacked through downloaded apps that have access to the microphone and by physically getting a hold of the phone to install malicious software. This means that a phone should never be left out of sight and that a phone never should be laying around during a meeting where sensitive information is discussed. An obvious cyber security conundrum.

Stop insider trading crimes

To enable free conversations around classified information, we created Shield, a noise-box especially developed to make phones less of a security risk. Here is an example of how Shield secures a construction permit meeting.

A large construction permit is to be approved or denied. The decision affects stock prices, housing prices and more prices that are subject to potential insider trading crimes. To minimize the risk of eavesdropping the municipality has a meeting room especially designed for meetings around sensitive information. The meeting room is equipped with a Shield in which all phones and smartwatches are put whenever a meeting is hosted.

Read more about Shield here.

Welcome Henrik Nilsson!
Open post

Link22 is growing with Peter Alvarsson

Link22 is growing with Peter Alvarsson

Välkommen Peter Alvarsson

We can happily announce that Peter Alvarsson is joining our mission to create a safe society by delivering cybersecurity without compromise. Peter spent 22 years at Ericsson and before that some time at Saab. We believe that Peter's extensive experience from such renowned companies will make link22 even stronger.

We asked Peter a few questions around employment, employer and life in general.

“I value an employer that believes in me and thrives when I’m valuable to the company. Preferably the company is forward moving, the tasks challenging and the culture prosperous. It is also important to have fun at work, especially when you work with very strict and serious products and clients.”

Peter does not emphasize the importance of the business area of cybersecurity, for him, it is more important that the industry see a bright future and that the company as such fulfill his general requirements. He did assess link22 as a company before signing by talking to former colleagues that now work at link22. 

“I hope to make good use of my 22 years of experience from Ericsson by becoming a valuable contributor to the link22 team.”

“Colleagues that are competent, motivated and sharp keeps me motivated. Encouragement from colleagues and the company gives me energy.”

Peter says, regarding cybersecurity, that he already understands the societal importance of link22 and that he supports it on multiple levels.

His private life is all about supporting his son's sports endeavors, specifically bicycling. He also spends a fair amount of time on bicycles himself.

We are happy to grow the team with Peter but it does not stop here. We are looking for more talent, more experience and more energy. If you, or someone you know, may be interested, we encourage a visit at our career site.

Open post

link22 founder Conny Ljungqvist nominated for Entrepreneur of the Year by Ernst & Young

link22 founder Conny Ljungqvist nominated for Entrepreneur of the Year by Ernst & Young.

Every year Ernst & Young award someone who makes the world a better place with the title Entrepreneur of the Year. The intention is to recognize people who create sustainable and dynamic companies.

They describe the prize as following:

Entrepreneur Of The Year recognizes the most ambitious leaders who are building and sustaining successful, dynamic businesses around the world. Entrepreneur Of The Year Award winners comprise a global network of like-minded visionaries, each on a transformational journey to create, innovate, grow, learn and build a better world.

They become lifetime members of an esteemed multi-industry community of entrepreneurs, with exclusive, ongoing access to the experience, insight and wisdom of program alumni and other ecosystem members in nearly 60 countries who are supported by the vast resources of EY.

We are very proud that our CEO, Conny Ljungqvist, is among the nominees. Conny has led the team for over 15 years and together we have built the stable and well acknowledged company that link22 is today. As founding father and CEO, Conny Ljungqvist is a big contributor to the company's success. He said the following about the nomination:

I am very flattered and proud to be nominated for entrepreneur of the year by EY. I do, however, want to stress the fact that link22 is built by a fantastic team and I would not have been nominated without them.

This makes us even more motivated to continue our journey towards a safe society. We pause for a second to celebrate but are eager to keep developing and delivering cybersecurity of top quality.

Posts navigation

1 2 3 4 5 6
Scroll to top