Securing information, actors, and their systems has become a paramount challenge in recent years. In the first regular issue of 2021 of the ARIS2 - Advanced Research on Information Systems Security, an International Journal, in four of the five articles, problems of information security are addressed with a practical and theoretical view, with origin in academic centers and research from masters and doctoral students.

With the aim to facilitate compliance with the GDPR, particularly for SMEs, this paper summarises the results of the H2020 BPR4GDPR project. With a focus on business processes, the project has proposed a holistic approach able to support compliant processes, while fulfilling requirements covering diverse application domains. The main pillars of the solution are: i) a policy-based access and usage control system, for setting the operational rules; ii) a framework for automatically re-engineering processes so that they become compliant by design; iii) a run-time environment for the enforcement of privacy constraints and data subjects’ rights; iv) a process mining framework, devised for ex-post compliance analysis and conformance checking leveraging the process execution traces.

Throughout human evolution, communication has always played a central role in favor of the development and approximation of the species. Within this project, the main objective is to analyze different wearable devices (more specifically fitness tracking devices) with the intention of presenting the strengths and weaknesses related to the security and privacy frameworks that these devices make use of. To reach these objectives some devices will be acquired for testing, starting from the earliest point of the communication (Bluetooth connection) until the latter states (communications through the Internet). “Paranoid” operating systems and methodologies have been developed and studied over the years, both for mobile and desktop systems in order to maintain the security and anonymity of their users, and although related studies have been in existence for some time, this proposal aims to develop an answer to a theme not very distinct, but more specific and modern “Paranoid OS: Wearable Trackers”. It is with this purpose in mind that the path taken by this technology will be presented in this document, considering what are the communication protocols, what data goes through these communication channels, and finally where is the user’s data.

Throughout human evolution, communication has always played a central role in favor of the development and approximation of the species. Within this project, the main objective is to analyze different wearable devices (more specifically fitness tracking devices) with the intention of presenting the strengths and weaknesses related to the security and privacy frameworks that these devices make use of. To reach these objectives some devices will be acquired for testing, starting from the earliest point of the communication (Bluetooth connection) until the latter states (communications through the Internet). “Paranoid” operating systems and methodologies have been developed and studied over the years, both for mobile and desktop systems in order to maintain the security and anonymity of their users, and although related studies have been in existence for some time, this proposal aims to develop an answer to a theme not very distinct, but more specific and modern “Paranoid OS: Wearable Trackers”. It is with this purpose in mind that the path taken by this technology will be presented in this document, considering what are the communication protocols, what data goes through these communication channels, and finally where is the user’s data.

In this paper, there are two questions that we seek to answer, what are the tools used in the industry nowadays regarding its cybersecurity? How is cybersecurity being approached and dealt with by the companies and their greatest difficulties? Along the way it’s observed how the entire interaction with clients is made as also how the investigation on possible threats is conducted and handled, passing through how to detect, analyze and interact with the client team in the mitigation of it, this taking into consideration their infrastructure and capabilities. This paper is taken from the point of view of a junior utilizing free tools to analyze threats and dealing with attempts of infiltrating the network utilizing social engineering tactics as well as more technical skills.