ISO is shaking up the familiar structure of the ISO 27001/27002 control framework after over 20 years of stability.  Originally published as British Standard BS 7799 Part 1 and 2 in the late 1990s, adopted as the ISO 17799 standard in 2000, and then renumbered as ISO 27001/27002, the name has changed a few times […]

Introduction and Background As required by ISO27001 the risks identified in the risk assessment need to be ones that if they happened would result in the loss of Confidentiality Integrity and/or Availability (CIA) of information in the scope of the ISMS. As also required by ISO27001 those controls that are necessary to modify each risk […]

Here are five signs that a virtual CISO may be right for your organization. 1. You have a lot to protect Companies produce more data than ever, and keeping track of it all is the first step to securing it. A virtual CISO can identify what data needs to be protected and determine the negative […]

As Jack Jones, co-founder of RiskLens, tells the story, he started down the road to creating the FAIR™ model for cyber risk quantification because of “two questions and two lame answers.” As CISO at Nationwide insurance, he presented his pitch for cybersecurity investment and was asked: “How much risk do we have?” “How much less […]

Download pdf: Steps to implement ISMS Distance Learning Training Courses

6 free cybersecurity tools for 2021 1: Infection Monkey Infection Monkey is an open source Breach and Attack Simulation tool that lets you test the resilience of private and public cloud environments to post-breach attacks and lateral movement, using a range of RCE exploiters. Infection Monkey was created by Israeli cybersecurity firm Guardicore to test its […]

CISO role is not only limited to understanding infrastructure, technologies, threat landscape, and business applications but to sway people attitude and influence culture with relevant policies, procedures and compliance enforcement to protect an organization. #CISO #vCISOExplore more on CISO role:

DISC InfoSec provides cost effective Cybersecurity: CISO as a Service (CISOaaS) A Chief Information Security Officer (CISO) is an executive responsible for cybersecurity. Many medium-sized organizations need a CISO but don’t have the budget for one. A Fractional CISO/ vCISO can deliver the value of a full-time CISO without the same level of investment. Why […]

Search for a chief information security officer Twitter Inc had stepped up its search for a chief information security officer in recent weeks, two people familiar with the effort told Reuters, before the breach of high-profile accounts on Wednesday raised alarms about the platform’s security. Twitter said hackers had targeted employees with access to its […]