Dec 13 2019

Data Security Solutions for Fintech Startups

Category: data security
DISC @ 11:33 am

By Ena Kadribasic on Security

The fintech sector has brought consumers an endless stream of modern offerings that have enabled them to ditch several outdated banking and lending products.

Companies now have advanced B2B payment solutions at their fingertips, and online financial solutions have never been more convenient – largely thanks to the progress made by fintech startups.

But, despite being on the cutting edge of digital financial products, young fintech companies are at a disadvantage in a wildly important arena: data security.

With limited resources, growing compliance regulations around the world, and a constantly-evolving list of increasingly dangerous cyber threats, fintech startups face a uniquely difficult uphill battle.

And, with data breaches continuing to loom as an ever-present security threat, fintech firms are turning to new and advanced approaches to data privacy.

But, first, what do we mean when we talk about data security for startups?

Source: Data Security Solutions for Fintech Startups


Subscribe to DISC InfoSec blog by Email

Tags: Data security solution, Fintech


Dec 07 2019

NIST CyberSecurity Framework and ISO 27001

Category: Information Security, ISO 27k, NIST CSF
DISC @ 6:54 pm

NIST CyberSecurity Framework and ISO 27001

PDF: https://blog.deurainfosec.com/wp-content/uploads/2019/12/NIST_ISO_Green_Paper_NEW_V3___Final_Edits.pdf

How to get started with the NIST Cybersecurity Framework (CSF) – Includes Preso

Written Information Security Program (WISP) – ISO 27002, NIST Cybersecurity Framework & NIST 800-53
https://www.youtube.com/watch?v=B8QjwD6f4rc

What is ISO 27001?
https://www.youtube.com/watch?v=AzSJyfjIFMw

Virtual Session: NIST Cybersecurity Framework Explained
https://www.youtube.com/watch?v=nFUyCrSnR68






Tags: iso 27001, NIST CSF, NIST RMF


Nov 30 2019

Cybersecurity Through the CISO’s Eyes

Category: CISO, vCISO
DISC @ 12:52 pm

infographic via Rafeeq Rehman

PERSPECTIVES ON A ROLE

Cybersecurity Through the CISO’s Eyes

Cybersecurity CISO Secrets with Accenture and ISACA

Cybersecurity Talk with Gary Hayslip: Aspiring Chief Information Security Officer? Here are the tips

So you want to be a CISO, an approach for success By Gary Hayslip


Our most recent articles in the CISO category.

Explore latest Chief Information Security Officer titles

Tags: CISO, Gary Hayslip, vCISO


Nov 21 2019

Five Keys for Building a Security program

Category: Information Security
DISC @ 11:00 pm


https://www.sans.org/media/critical-security-controls/Poster_CIS-Security-Controls_2018.pdf
The best practice guide for an effective infoSec function

Five Keys for Building a Security program

Open a PDF file Five Keys for Building a Security Program.

 




Nov 18 2019

CISO or vCISO? The Benefits of a Contractor C-level Security Role

Category: CISO
DISC @ 12:40 pm

Read how a virtual chief information security officer (vCISO) can help you uplift a struggling information security program.

Source: CISO or vCISO? The Benefits of a Contractor C-level Security Role

Webinar: vCISO vs CISO – Which is the right path for you?
https://www.youtube.com/watch?v=HIvuIIQob7o

CISO as a Service or Virtual CISO
https://www.youtube.com/watch?v=X8XSe3ialNk

The Benefits of a vCISO
https://www.youtube.com/watch?v=jQsG-65wxyU



Tags: vCISO


Oct 21 2019

6 Essential Pillars for InfoSec Prioritization

Category: Information Security
DISC @ 11:22 am

It may be time to Think Differently in security.

Do you know which of your vulnerabilities are critical, which can wait a day, and which are just noise? Read this handy guide to get the 6 essential pillars for comprehensive InfoSec prioritization:



The Five Laws of Cybersecurity | Nick Espinosa | TEDxFondduLac
https://www.youtube.com/watch?v=_nVq7f26-Uo

Your 5 Year Path: Success in Infosec
https://www.youtube.com/watch?v=Uv-AfK7PkxU

Top 20 Security Controls for a More Secure Infrastructure



Tags: isms, Secure Infrastructure


Oct 16 2019

CyberSecurity for Digital Operations

Category: cyber security, data security
DISC @ 1:09 pm

DigitalSecurity

 
This report examines the general state of security within business today, exploring the hurdles that are preventing companies from achieving an ideal security posture and suggesting the steps that can lead to improved security in the digital economy.

As the technology industry enters the next phase of maturity, there are more questions about the implications of emerging trends operating on a global scale. Aside from social impact ramifications, the utmost reliance on digital data and the sweeping collection of personal information are highlighting the critical nature of information security and privacy.

Digital Transformation: From AI and IoT to Cloud, Blockchain, and Cybersecurity | MIT PE
https://www.youtube.com/watch?v=NwwazhND9BA

Inside the CenturyLink Security Operations Center: Securing Your Digital Business
https://www.youtube.com/watch?v=_UyhYPOnNcY

The Convergence (and Divergence) of IT and OT Cyber Security




Oct 14 2019

The best practice guide for an effective infoSec function

Building ISMS

The best practice guide for an effective infoSec function: iTnews has put together a bit of advice from various controls including ISO 27k and NIST CSF to guide you through what’s needed to build an effective information security management system (ISMS) within your organization.

This comprehensive report is a must-have reference for executives, senior managers and folks interested in the information security management area.

 

Practice Guide

Open a PDF file The best practice guide for an effective infoSec function.

How to Build a Cybersecurity Program based on the NIST Cybersecurity Framework
https://www.youtube.com/watch?v=pDra0cy5WZI

Beginners ultimate guide to ISO 27001 Information Security Management Systems
https://www.youtube.com/watch?v=LytISQyhQVE

Conducting a cybersecurity risk assessment



Tags: isms


Oct 08 2019

The Adventures of CISO

Category: CISO
DISC @ 11:09 am


The Adventures of CISO Ed & Co.

7 Types of Experiences Every Security Pro Should Have

Ten Must-Have CISO Skills

What CISO does for a living

CISOs and the Quest for Cybersecurity Metrics Fit for Business

CISO’s Library




Oct 07 2019

Top 10 Cybersecurity Writing Mistakes

Category: Cybersecurity Writing
DISC @ 12:39 pm

Want to strengthen your writing in under an hour? Watch the video below to help you avoid the top 10 writing mistakes you may encounter when working as a cybersecurity professional.

Source: Top 10 Cybersecurity Writing Mistakes

Top 10 Writing Mistakes in Cybersecurity and How You Can Avoid Them
https://youtu.be/V7lO7UgxQV4

SANS Writing Course | Writing CheatSheet

Burying the Main Point – Common Cybersecurity Writing Mistakes
https://www.youtube.com/watch?v=xM6PgakpLgU

Overstuffing the Paragraphs – Common Cybersecurity Writing Mistakes



Tags: Cybersecurity Writing


Oct 06 2019

A CISO’s Guide to Bolstering Cybersecurity Posture

iso27032

When It Comes Down To It, Cybersecurity Is All About Understanding Risk

Risk Management Framework for Information Systems

How to choose the right cybersecurity framework

Improve Cybersecurity posture by using ISO/IEC 27032
https://www.youtube.com/watch?v=NX5RMGOcyBM

Cybersecurity Summit 2018: David Petraeus and Lisa Monaco on America’s cybersecurity posture
https://www.youtube.com/watch?v=C8WGPZwlfj8

CSET Cyber Security Evaluation Tool – ICS/OT
https://www.youtube.com/watch?v=KzuraQXDqMY



Tags: cybersecurity posture, security risk management


Oct 04 2019

5 Updates from PCI SSC That You Need to Know

Category: Security Compliance
DISC @ 9:39 pm

As payment technologies evolve, so do the requirements for securing cardholder data.

Source: Slideshows – Dark Reading

PCI DSS: Looking Ahead to Version 4.0

3 Primary Goals for PCI DSS Version 4.0

What is PCI DSS? | A Brief Summary of the Standard
https://www.youtube.com/watch?v=szVmMxWORBc

How to Achieve PCI DSS Compliance on AWS
https://www.youtube.com/watch?v=qx4OwP0VIyU



Tags: pci dss, PCI SSC


Oct 01 2019

CCPA – The California Consumer Privacy Act

Category: Security Compliance
DISC @ 4:51 pm

More detail on site: Steps to CCPA Compliance roadmap

Everything You Need To Know About CCPA 2018




Tags: CCPA


Sep 27 2019

State of OT/ICS CyberSecurity

Category: OT/ICS, Scada Security
DISC @ 6:42 pm

State of OT/ICS Cybersecurity 2019 [Infographic via SANS Institute]

State of ICS/OT CyberSecurity: pdf

Guide to Industrial Control Systems (ICS) Security

Independent Study Pinpoints Significant SCADA/ICS Security Risks

Cyber-Security and Governance for Industrial Control Systems


NIST Releases Cybersecurity Guide for Energy Sector to Improve Operational Technology



NSM/threat hunting in OT/ICS/SCADA environments
https://www.youtube.com/watch?v=_w8usX9_daE

The Convergence (and Divergence) of IT and OT Cyber Security
https://www.youtube.com/watch?v=7ZnfuFzB-XM

ICS Security Assessment Methodology, Tools & Tips




Sep 26 2019

Live and let live InfoSec

User vs Security

secret password
Live and let live InfoSec

The average person’s take on security control: they have real jobs to do, and security isn’t one of them. So remember ‘usability vs bypass security control’ when designing a new control. Please feel free to share your opinion on this.



Funny business meeting illustrating how hard it is for an (infosec) engineer to fit into the corporate world!
https://www.youtube.com/watch?v=BKorP55Aqvg

parkour vs security chase
https://www.youtube.com/watch?v=Hnv5OOpr4ug




Sep 23 2019

10 Most Critical API Security Risks

Category: App Security, Web Security
DISC @ 2:23 pm

10 Most Critical API Security Risks [2019] – OWASP Foundation

Advanced Web Application Scanning with OWASP Zed Attack Proxy (ZAP)
https://www.youtube.com/watch?v=CbMKX8on9bA&list=PLqpLl_iGMLnCR5x6Smky2E2RdqCdqbYZ1

Web Application Security and OWASP – Top 10 Security Flaws
https://www.youtube.com/watch?v=j5PuYFCS0Iw

Ethical Hacking 101: Web App Penetration Testing
https://www.youtube.com/watch?v=2_lswM1S264



Tags: API security risks


Sep 21 2019

How to get started with the NIST Cybersecurity Framework (CSF) – Expel

Category: NIST CSF, Security Compliance
DISC @ 11:02 am

We give you a quick tour of the NIST Cybersecurity framework and describe how you can baseline your efforts in a couple of hours. So check it out.

Source: How to get started with the NIST Cybersecurity Framework (CSF) – Expel

The CyberSecurity Framework Ver 1.1 Preso
https://blog.deurainfosec.com/wp-content/uploads/2019/09/NIST-CSF-1.1-preso.pdf

Virtual Session: NIST Cybersecurity Framework Explained
https://www.youtube.com/watch?v=nFUyCrSnR68

CSS2017 Session 14 SANS Training – NIST Cyber Security Framework
https://www.youtube.com/watch?v=I-s4bAzH7t0

Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certification | Edureka
https://www.youtube.com/watch?v=uk8-jJgu8-I

Free PDF download: NIST Cybersecurity Framework and ISO 27001 | IT Governance USA



Tags: NIST CSF


Sep 14 2019

7 Steps to Web App Security

Category: Web Security
DISC @ 2:15 pm

Emerging technologies are introducing entirely new ways to reach, act, and interact with people. That makes app security more important than ever.

Source: 7 Steps to Web App Security

Titles: Web App Security

Securing Web Applications
https://www.youtube.com/watch?v=WlmKwIe9z1Q

Application Security – Understanding, Exploiting and Defending against Top Web Vulnerabilities
https://www.youtube.com/watch?v=sY7pUJU8a7U

Web Application Security and OWASP – Top 10 Security Flaws
https://www.youtube.com/watch?v=j5PuYFCS0Iw

Ethical Hacking 101: Web App Penetration Testing – a full course for beginners
https://www.youtube.com/watch?v=2_lswM1S264






Tags: burp suite, web 2.0 threats, web app security, web hacking, web security


Sep 10 2019

Insider Threat Report

Category: Insider Threat
DISC @ 10:05 pm

Insider Threat Report [Verizon]

What is Insider Threat?
https://www.youtube.com/watch?v=gwaA2xEPSEs

A Framework to Effectively Develop Insider Threat Controls
https://www.youtube.com/watch?v=BDMIOzdVnGE

Insider Threats: A Worst Practices Guide to Preventing Leaks, Attacks, Theft, and Sabotage
https://www.youtube.com/watch?v=tkB4FLEEq74



Tags: Insider Threat Report


Sep 09 2019

What’s your Password?!

Category: Password Security, Security Awareness
DISC @ 12:36 am

Very funny 😂 security password reminder, not funny that this is real!
https://www.youtube.com/watch?v=_u8Rss3W4Wg

Most Hilarious 😹 WiFi Names
https://www.youtube.com/watch?v=YDkt0FMcGLs

Obama 😎 finds ways to make cybersecurity funny 😎
https://www.youtube.com/watch?v=NpNk-tEkW_Q



