How to use ISO 22301 for the implementation of business continuity in ISO 27001
Dejan Kosutic
One of the biggest mysteries in ISO 27001 implementation is the Annex A section A.17, which speaks about business continuity management....
One of the biggest mysteries in ISO 27001 implementation is the Annex A section A.17, which speaks about business continuity management. How does business continuity relate to information security, and why is it included in ISO...
Qualifications for an ISO 27001 Internal Auditor
Antonio Jose Segovia
One of the requirements of ISO 27001 is the realization of an internal audit, as set out in Section 9.2 of...
One of the requirements of ISO 27001 is the realization of an internal audit, as set out in Section 9.2 of the standard. But, the question is: Who can perform this internal audit? We will find...
8 Security Practices to Use in Your Employee Training and Awareness Program
This might be hard to believe, but it is true: 59% of data breaches are happening not because of some...
This might be hard to believe, but it is true: 59% of data breaches are happening not because of some smart hacker who wants to do harm to your company; those breaches are happening because...
How a change in thinking can stop 82% of data breaches
Updated: March 23, 2023, according to the ISO 27001 2022 revision. According to Experian 2023 Second Annual Data Breach Industry...
Updated: March 23, 2023, according to the ISO 27001 2022 revision. According to Experian 2023 Second Annual Data Breach Industry Forecast, the largest number of data security breaches are happening because of human error and...
Small business guide to cyber security: 6 steps against the data breach
Lately we’ve seen many large companies getting hacked: Anthem, Sony, and Target to name just a few. The number of...
Lately we’ve seen many large companies getting hacked: Anthem, Sony, and Target to name just a few. The number of data breaches increased 27.5% in 2014, so measures against these types of security incidents are...
Top 10 information security bloggers in 2014
If you want to stay on top of cybersecurity / information security news and insights, here are the blogs that...
If you want to stay on top of cybersecurity / information security news and insights, here are the blogs that I found the most useful. I listed here only the blogs written by independent authors...
Will a piece of paper stop the attackers?
There are many skeptics who do not believe ISO 27001 can help protect their information and/or information systems; one of...
There are many skeptics who do not believe ISO 27001 can help protect their information and/or information systems; one of their main arguments is: “Writing a policy or a procedure surely won’t help against someone...
The most popular ISO 27001 & ISO 22301 blog posts
This is my 100th blog post! When I started this blog four years ago, I never dreamed I would have...
This is my 100th blog post! When I started this blog four years ago, I never dreamed I would have that many things to write about… And yet, the more I write, the more ideas...
NIST Cybersecurity Framework or ISO 27001 – Which is the better choice for your company?
Rhand Leal
On February 12, 2014, the National Institute of Standards and Technology (NIST) published Framework for Improving Critical Infrastructure Cybersecurity, commonly...
On February 12, 2014, the National Institute of Standards and Technology (NIST) published Framework for Improving Critical Infrastructure Cybersecurity, commonly known as Cybersecurity Framework. If you already came across ISO 27001, you’re probably wondering: What...
