IT Governance Ltd, the ISO27001 and information security experts have reported that they are making a number of free resources available for download from their US website to help US companies meet the challenges of increased cyber crime.
July 12, 2011 /24-7PressRelease/ — IT Governance Ltd, the ISO27001 and information security experts have reported that they [...]
Image via WikipediaAccording to SF Chronicle article by Deborah Gage (May 8, 2009, c2) consumer reports magazine’s annual “State of the Net” survey finds that cybercrimes has held steady since 2004, with one out of five consumers becoming victims in last two years at a cost to economy of $8 billion. Consumer report can be [...]
To become a successful business in today’s market, optimized information security controls may be the panacea for unmet security needs. One way to achieve optimized information security control is to perform ISO assessment and assess the organization security posture based on ISO 27002 code of practice and map each control with Capability Maturity Model Integration [...]
Image via Wikipedia
In the past when senior management (execs) needed to understand the financial implication of cyber threats and their exposures, they turned their questionnaires toward IT for relevant answers. In other words IT risk assessment was the answer in the past to understand the financial implications of cyber threats. The IT risk assessment is [...]
Open networks are heterogeneous environment where users like to use all the applications and systems at any given time. In a heterogeneous environment, each department run different hardware and software, but you can control the protocols which will work on this environment.
Universities are famous for open network. Most Universities network is comprised of a Bank [...]
Have you ever thought of losing something and you cannot live without it? Yes, that something can be your identity. Phishing is a practice of luring unsuspecting Internet users to a fake Web site by using authentic-looking email with the real organization’s logo, in an attempt to steal passwords, financial or personal information. In [...]
Information Security Risk Management for ISO27001 / ISO27002
The State of California has adopted ISO/IEC 27002 as its standard for information security and recommends other organizations and vendors to use this standard as guidance in their efforts to comply with California law.
To achieve an ongoing compliance, major organizations require tools to comply with standard such as [...]
The PCI DSS (Payment Card Industry & Data Security Standard) was established by credit card companies to create a unified security standard for handling credit card information. The retail service industry now understands the strategic significance of PCI DSS compliance, which was demonstrated when TJX announced that their system was compromised for more than 17 [...]
Security review is performed to identify and analyze risks and weaknesses in the current security posture of an organization. An ISO assessment is performed utilizing international standard ISO 27002 and company security policy, the purpose of the review is to evaluate the information security posture of an organization based on international standard. The level of [...]
