Posts Tagged ‘iso 27002’

Implementing an ISMS: where should you start?

With the number of ISO 27001 certifications rising fast in the US, organizations will be looking to implement an ISO 27001-compliant information security management system (ISMS) quickly, before any of their competitors. However, the hardest part of achieving ISO 27001 certification is providing the documentation for the ISMS. Often – particularly in more complex and […]

Leave a Comment

Cyber security is not enough

Cyber security is not enough – you need to become cyber resilient Cyber Resilience Implementation Suite It’s no longer sufficient to suppose that you can defend against any potential attack; you must accept that an attack will inevitably succeed. An organisation’s resilience in identifying and responding to security breaches will become a critical survival trait […]

Leave a Comment

Cyber Resilience Best Practices

RESILIA™ Cyber Resilience Best Practices AXELOS’s new guide RESILIA™ Cyber Resilience Best Practices provides a methodology for detecting and recovering from cyber security incidents using the ITIL lifecycle RESILIA™ Cyber Resilience Best Practices Best guide on Cyber Resilience on the web – Cyber Resilience Best Practices is part of the AXELOS RESILIA™ portfolio. RESILIA™ Cyber Resilience […]

Leave a Comment

Is ISO 27001 Worthwhile for Your Business?

ISO 27001 As A Business Tool More than ever, information security is a key part of a business’ overall plan and objective set. ISO 27001 can help businesses bring their information security practices together and develop a strategy to raise awareness and vigilance throughout the business. With ISO 27001, all of a business’ information security […]

Comments (2)

IT Governance helps SMEs protect themselves from cybercrime

IT Governance Ltd, the global provider of cyber security management solutions, has announced a value-add offer in March. Organisations that buy the No3 ISO27001 Comprehensive Toolkit before the end of March will receive the Cybersecurity Self Assessment Tool free, making double savings on resource and time. The No3 ISO27001 Comprehensive Toolkit contains highly practical books, […]

Leave a Comment

ISO/IEC 27001 – BSI interviews Henk de Vries

BSI and Rotterdam school of management, Erasmus university conducted a research study about ISO/IEC 27001 Information technology. Security techniques. BSI interviewed Henk de Vries who is one of the experts behind the study. ISO27001 (ISO 27001) ISMS Requirements (Download now) ISO27002 (ISO 27002) Code of Practice for ISM (Download now) To Download a copy of […]

Leave a Comment

How to decide between ISO 27001 Cert and ISO 27002 Compliance

It is one of an important decision for your organization when you have to decide between ISO 27001 certification and ISO 27002 compliance. When continuous compliance with the standards may save you money in short run but ISO 27001(ISMS) certification outweighs benefits in long run. ISO compliance is a commitment for an organization when it […]

Leave a Comment

Meet Stringent California Information Security Legislation with Comprehensive Toolkit

Three years ago, California state IT council adopted the information security program guide which help organizations to comply with SB 1386. The council advised the use of information security standard ISO 27002 framework to comply and meet the needs of SB 1386. This legislation deals with the security of personal information and is applicable to […]

Comments (6)

What is a risk assessment framework

Image by Adam Melancon via Flickr The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments Definition – A risk assessment framework (RAF) is a strategy for prioritizing and sharing information about the security risks to an information technology (IT) infrastructure. A good RAF organizes and presents information in a way that […]

Leave a Comment

Audit of security control and scoping

Information Technology Control and Audit The audit is utilized as a tool to check compliance control based on standards such as ISO 27002 or NIST 800-53 etc. Some other terms which are not sometime rigorous audit have been used to asses controls are gap analysis, benchmarking and control review. Scoping sets the boundaries of the […]

Comments (1)

Control selection and cost savings

Information Security Risk Analysis In risk management, risk treatment process begins after completion of a comprehensive risk assessment. Once risks have been assessed, risk manager utilize the following techniques to manage the risks • Avoidance (eliminate) • Reduction (mitigate) • Transfer (outsource or insure) • Retention (accept and budget) Now the question is how to […]

Comments (2)

Managing Risks and NIST 800-53

Image via Wikipedia FISMA Certification & Accreditation Handbook The organizations need to establish security program to manage their day to day risks. Before selecting the controls from standards such as (NIST 800-53 or ISO 27002), organizations need to have complete inventory of the assets involved in the scope. Assets involved in the scope would require […]

Comments (3)

Rise of cybercrime and management responsibility

Image via WikipediaAccording to SF Chronicle article by Deborah Gage (May 8, 2009, c2) consumer reports magazine’s annual “State of the Net” survey finds that cybercrimes has held steady since 2004, with one out of five consumers becoming victims in last two years at a cost to economy of $8 billion. Consumer report can be […]

Comments (3)

Web 2.0 and social media business risks

Web 2.0 is major force and has numerous business benefits but it is posing companies to potential new risks. Social networking sites, such as Facebook, LinkedIn and Twitter, have become the preferred method of communication for a whole generation of people and the ability to post “Status Updates” is fast becoming the new Email. Linkedin […]

Comments (35)

Congressional data mining and security

Image by moonhouse via Flickr“By slipping a simple, three-sentence provision into the gargantuan spending bill passed by the House of Representatives last week, a congressman from Silicon Valley is trying to nudge Congress into the 21st Century. Rep. Mike Honda (D-Calif.) placed a measure in the bill directing Congress and its affiliated organs — including […]

Comments (2)


SEO Powered By SEOPressor