NIST CyberSecurity Framework and ISO 27001 How to get started with the NIST Cybersecurity Framework (CSF) – Includes Preso Written Information Security Program (WISP) – ISO 27002, NIST Cybersecurity Framework & NIST 800-53 What is ISO 27001? Virtual Session: NIST Cybersecurity Framework Explained Enter your email address: Delivered by FeedBurner
https://www.sans.org/media/critical-security-controls/Poster_CIS-Security-Controls_2018.pdf The best practice guide for an effective infoSec function Five Keys for Building a Security program Open a PDF file Five Keys for Building a Security Program. Enter your email address: Delivered by FeedBurner
It may be time to Think Differently in security. Do you know which of your vulnerabilities are critical, those which can wait a day, vs ones that are just noise? Read this handy guide to get the 6 essential pillars for comprehensive InfoSec prioritization: The Five Laws of Cybersecurity | Nick Espinosa | TEDxFondduLac Your […]
The best practice guide for an effective infoSec function: iTnews has put together a bit of advice from various controls including ISO 27k and NIST CSF to guide you through what’s needed to build an effective information security management system (ISMS) within your organization. This comprehensive report is a must-have reference for executives, senior managers […]
User vs Security Live and let live InfoSec The average person’s take on security control: they have real jobs to do, and security isn’t one of them. so remember ‘usability vs bypass security control’ when designing a new control. Please feel free to share your opinion on this. Funny business meeting illustrating how hard it […]
Creating A Cyber Secure Home – Infographic via SANS Institute Subscribe in a reader
Researchers in Israel created malware to draw attention to serious security weaknesses in medical imaging equipment and networks. Source: Hospital viruses: Fake cancerous nodes in CT scans, created by malware, trick radiologists Malware Analysis
Every day, big companies are still getting breached despite their security products. F-Secure’s Mikko Hypponen warns that companies that say ‘use our technology and you will not have a breach’ actually make it much harder for clients to think about and be ready for a breach. Source: Just Having A Security Product Doesn’t Make You […]
Hot on the heels of disclosing a critical zero-day vulnerability in Chrome that was being exploited in the wild by attackers, Google has now uncovered another critical zero-day that is being used alongside it to take over Windows machines. Source: Google Says Upgrade To Windows 10 After Critical Flaws Found In Chrome And Windows 7
It didn’t require an account PIN to switch carriers. Everybody uses 0000, it said, making it easier for customers… and phone hijackers. Source: Comcast security nightmare: default ‘0000’ PIN on everybody’s account Best Practice Information Security Enter your email address: Delivered by FeedBurner
In its annual security intelligence report, Microsoft offers up its top tips for blocking out hackers. Source: Microsoft: Do these things now to protect your network | ZDNet Enter your email address: Delivered by FeedBurner
#InfoSecTools The Hawkeye Scanner CLI is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks Source: Scanner CLI : A Project Security/Vulnerability/Risk Scanning Tool
Malware can spread much more easily on obsolete platforms, warns security body. With less than a year until the end of Windows 7 support, don’t get caught out. Source: Windows 7 migration warning: Plan now to avoid security worries later | ZDNet Phishing Scam Subscribe to DISC InfoSec blog by Email
Follow the guidance in this CIS document to configure Microsoft 365 security settings to the level that suits your organization. Source: Center for Internet Security releases Microsoft 365 benchmarks
Patching vulnerabilities is often seen as a key element of keeping systems secure. But a new report suggests businesses could be ‘smarter’ in their patching regimes and prioritize the i… Source: Businesses can safely delay patching most vulnerabilities 🔒 securing the business 🔒 DISC InfoSec
Report claims US public and private sectors had over 300,000 cybersecurity-related job openings between April 2017 and March 2018. By Catalin Cimpanu for Zero Day US lawmakers have introduced a bipartisan bill in the House of Representatives meant to address the cybersecurity workforce shortage crisis. The bill, named the Cyber Ready Workforce Act (H.R.6791), would establish a grant program within […]
Luke Irwin The dramatic rise in cyber attacks over the past few years has caught most businesses off guard. Their cyber security departments are severely understaffed, causing them to look desperately for qualified professionals to help tackle the threat. There has never been a better time to get into cyber security, so if you’re looking […]
Cyberspace, the Internet, the digital world – call it what you will – is always developing. But so are the threats and risks that come with it. It doesn’t matter if you are working in the most mature enterprise environment, unemployed, retired, or still at school, whether you often have a smartphone in your hand […]
Is this a good time to be in the field of InfoSec, (ISC)2 report shows the skills shortage is getting worse. Over the next five years, the number of unfilled cybersecurity jobs will rise to a whopping 1.8 million, a 20% increase from 2015 estimates, according to a new (ISC)2 survey released. Cybersecurity Faces 1.8 Million […]
The textbook for the Open University’s postgraduate information security course. The recommended textbook for all IBITGQ ISO 27001 courses. Available in softcover or eBook format. Description Fully updated expert information security management and governance guidance based on the international standard for information security management, ISO 27001. As global threats to information security increase in frequency […]
