NIST CyberSecurity Framework and ISO 27001



How to get started with the NIST Cybersecurity Framework (CSF) – Includes Preso

Written Information Security Program (WISP) – ISO 27002, NIST Cybersecurity Framework & NIST 800-53


What is ISO 27001?


Virtual Session: NIST Cybersecurity Framework Explained



Cybersecurity Through the CISO’s Eyes

PERSPECTIVES ON A ROLE


Cybersecurity CISO Secrets with Accenture and ISACA

Cybersecurity Talk with Gary Hayslip: Aspiring Chief Information Security Officer? Here are the tips



So you want to be a CISO, an approach for success By Gary Hayslip



Five Keys for Building a Security program


https://www.sans.org/media/critical-security-controls/Poster_CIS-Security-Controls_2018.pdf
The best practice guide for an effective infoSec function


Open a PDF file Five Keys for Building a Security Program.

 



CISO or vCISO? The Benefits of a Contractor C-level Security Role

Read how a virtual chief information security officer (vCISO) can help you uplift a struggling information security program.

Source: CISO or vCISO? The Benefits of a Contractor C-level Security Role

Webinar: vCISO vs CISO – Which is the right path for you?


CISO as a Service or Virtual CISO


The Benefits of a vCISO



6 Essential Pillars for InfoSec Prioritization

It may be time to Think Differently in security.

Do you know which of your vulnerabilities are critical, those which can wait a day, vs ones that are just noise? Read this handy guide to get the 6 essential pillars for comprehensive InfoSec prioritization:



The Five Laws of Cybersecurity | Nick Espinosa | TEDxFondduLac


Your 5 Year Path: Success in Infosec


Top 20 Security Controls for a More Secure Infrastructure



CyberSecurity for Digital Operations


 
This report examines the general state of security within business today, exploring the hurdles that are preventing companies from reaching an ideal security posture and suggesting the steps that can lead to improved security in the digital economy.

As the technology industry enters the next phase of maturity, there are more questions about the implications of emerging trends operating on a global scale. Aside from the ramifications of social impact, the utmost reliance on digital data and the sweeping collection of personal information are highlighting the critical nature of information security and privacy.

Digital Transformation: From AI and IoT to Cloud, Blockchain, and Cybersecurity | MIT PE

Inside the CenturyLink Security Operations Center: Securing Your Digital Business

The Convergence (and Divergence) of IT and OT Cyber Security



The best practice guide for an effective infoSec function

Building ISMS

The best practice guide for an effective infoSec function: iTnews has put together a bit of advice from various controls including ISO 27k and NIST CSF to guide you through what’s needed to build an effective information security management system (ISMS) within your organization.

This comprehensive report is a must-have reference for executives, senior managers and folks interested in the information security management area.

 

Practice Guide

Open a PDF file The best practice guide for an effective infoSec function.

How to Build a Cybersecurity Program based on the NIST Cybersecurity Framework

Beginners ultimate guide to ISO 27001 Information Security Management Systems

Conducting a cybersecurity risk assessment



The Adventures of CISO


The Adventures of CISO Ed & Co.

7 Types of Experiences Every Security Pro Should Have

Ten Must-Have CISO Skills

What CISO does for a living

CISOs and the Quest for Cybersecurity Metrics Fit for Business

CISO’s Library



Top 10 Cybersecurity Writing Mistakes

Want to strengthen your writing in under an hour? Watch the video below to help you avoid the top 10 writing mistakes you may encounter when working as a cybersecurity professional.

Source: Top 10 Cybersecurity Writing Mistakes

Top 10 Writing Mistakes in Cybersecurity and How You Can Avoid Them


SANS Writing Course | Writing CheatSheet

Burying the Main Point – Common Cybersecurity Writing Mistakes


Overstuffing the Paragraphs – Common Cybersecurity Writing Mistakes



A CISO’s Guide to Bolstering Cybersecurity Posture


When It Comes Down To It, Cybersecurity Is All About Understanding Risk

Risk Management Framework for Information Systems

How to choose the right cybersecurity framework

Improve Cybersecurity posture by using ISO/IEC 27032

Cybersecurity Summit 2018: David Petraeus and Lisa Monaco on America’s cybersecurity posture

CSET Cyber Security Evaluation Tool – ICS/OT



5 Updates from PCI SSC That You Need to Know

As payment technologies evolve, so do the requirements for securing cardholder data.

Source: Slideshows – Dark Reading

PCI DSS: Looking Ahead to Version 4.0

3 Primary Goals for PCI DSS Version 4.0

What is PCI DSS? | A Brief Summary of the Standard


How to Achieve PCI DSS Compliance on AWS



CCPA – The California Consumer Privacy Act

More detail on site: Steps to CCPA Compliance roadmap

Everything You Need To Know About CCPA 2018




State of OT/ICS CyberSecurity

State of OT/ICS Cybersecurity 2019 [Infographic via SANS Institute]

State of ICS/OT CyberSecurity: pdf

Guide to Industrial Control Systems (ICS) Security

Independent Study Pinpoints Significant SCADA/ICS Security Risks

Cyber-Security and Governance for Industrial Control Systems


NIST Releases Cybersecurity Guide for Energy Sector to Improve Operational Technology



NSM/threat hunting in OT/ICS/SCADA environments

The Convergence (and Divergence) of IT and OT Cyber Security

ICS Security Assessment Methodology, Tools & Tips



Live and let live InfoSec

User vs Security

secret password

The average person’s take on security control: they have real jobs to do, and security isn’t one of them. So remember ‘usability vs bypass security control’ when designing a new control. Please feel free to share your opinion on this.



Funny business meeting illustrating how hard it is for an (infosec) engineer to fit into the corporate world!


parkour vs security chase



10 Most Critical API Security Risks

10 Most Critical API Security Risks [2019] – OWASP Foundation

Advanced Web Application Scanning with OWASP Zed Attack Proxy (ZAP)

Web Application Security and OWASP – Top 10 Security Flaws

Ethical Hacking 101: Web App Penetration Testing



How to get started with the NIST Cybersecurity Framework (CSF) – Expel

We give you a quick tour of the NIST Cybersecurity framework and describe how you can baseline your efforts in a couple of hours. So check it out.

Source: How to get started with the NIST Cybersecurity Framework (CSF) – Expel

The CyberSecurity Framework Ver 1.1 Preso
NIST CSF 1.1 preso


Virtual Session: NIST Cybersecurity Framework Explained

CSS2017 Session 14 SANS Training – NIST Cyber Security Framework

Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certification | Edureka


Free PDF download: NIST Cybersecurity Framework and ISO 27001 | IT Governance USA



7 Steps to Web App Security

Emerging technologies are introducing entirely new ways to reach, act, and interact with people. That makes app security more important than ever.

Source: 7 Steps to Web App Security

Titles: Web App Security

Securing Web Applications


Application Security – Understanding, Exploiting and Defending against Top Web Vulnerabilities


Web Application Security and OWASP – Top 10 Security Flaws


Ethical Hacking 101: Web App Penetration Testing – a full course for beginners






Insider Threat Report

Insider Threat Report [Verizon]

What is Insider Threat?

A Framework to Effectively Develop Insider Threat Controls


Insider Threats:
A Worst Practices Guide to Preventing Leaks, Attacks, Theft, and Sabotage



What’s your Password?!

Very funny 😂 security password reminder, not funny that this is real!

Most Hilarious 😹 WiFi Names

Obama 😎 finds ways to make cybersecurity funny 😎





What the New NIST Privacy Framework Means to You

Big news is coming when NIST takes the wraps off a new privacy framework. Thanks to the General Data Privacy Regulation (GDPR) of the European Union, which took full effect in May 2018, privacy is at center stage worldwide. Penalties are being meted out for violations, and organizations of all kinds need to understand and comply with the law. In addition, the California Consumer Privacy Act (CCPA) was enacted in June 2018, with many other states working on similar bills.

Source: What the New NIST Privacy Framework Means to You

Developing the NIST Privacy Framework – Part 1


Developing the NIST Privacy Framework – Part 2


Developing the NIST Privacy Framework – Part 3


NIST Privacy Framework: An Enterprise Risk Management Tool

