The perfect introduction to the principles of information security management and ISO27001:2013 Most organizations implementing an information security management regime opt for systems based on the international standard, ISO/IEC 27001. This approach ensures that the systems they put in place are effective, reliable and auditable. Up to date with the latest version of the Standard […]
vsRisk – The Cyber Security Risk Assessment Tool It is extremely difficult to carry out a risk assessment that will meet the requirements of ISO27001 without using a specialist information security risk assessment tool. While there are a wide range of products on the market that claim to meet these requirements, the reality is that […]
Section 13 of Annex A handle information security incident management. One of the important thing to know about this section is the difference between an event and an incident. Information Securty Event: is an occurance of a system, service or netwrok state indicating a possible breach of information security policy or failure of safeguards. Informtaion […]
Security Metrics: Replacing Fear, Uncertainty, and Doubt The long awaited international standard on Information Security Measurement, ISO/IEC27004:2009, is now available. It’s a must have – To Download a copy of ISO27004 – Information Security Metrics Key Features and Benefits: ā¢ Provides guidance on the development, implementation use of metrics to measure the effectiveness of an […]
Image via WikipediaAccording to SF Chronicle article by Deborah Gage (May 8, 2009, c2) consumer reports magazineās annual āState of the Netā survey finds that cybercrimes has held steady since 2004, with one out of five consumers becoming victims in last two years at a cost to economy of $8 billion. Consumer report can be […]
https://commons.wikimedia.org/wiki/File:Cloud_comp_architettura.png Cloud computing provide common business applications online that run from web browser and is comprised of virtual servers located over the internet. Main concern for security and privacy of user is who has access to their data at various cloud computing locations and what will happen if their data is exposed to an unauthorized […]
