• (0)
    ISO-27001-ISO-22301-blog

    Tag: “Information security”

    ISO 27002 – What will the next revision bring?
    It’s been six years since the last revision of ISO/IEC 27002 (in 2005) – much has changed in information security...
    It’s been six years since the last revision of ISO/IEC 27002 (in 2005) – much has changed in information security since then, and this standard definitely needs some “facelifting”. Since ISO 27002 is closely tied...
    How to deal with insider threats?
    “Your ISO 27001 is nice in theory, but if our system administrator goes crazy, we’re dead.” – I hear this...
    “Your ISO 27001 is nice in theory, but if our system administrator goes crazy, we’re dead.” – I hear this quite often when speaking to my clients about which security controls they should apply. And...
    Is it possible to calculate the Return on Security Investment (ROSI)?
    If you are an information security or business continuity professional, then you’re probably aware of the most difficult part of...
    If you are an information security or business continuity professional, then you’re probably aware of the most difficult part of your job: to convince your management that investment in information security/business continuity makes sense. Traditionally,...
    Management’s view of information security
    If you think your management doesn’t have a clue what information security is all about, keep in mind that misunderstanding...
    If you think your management doesn’t have a clue what information security is all about, keep in mind that misunderstanding usually goes both ways: management often thinks you have no idea about what is appropriate...
    Lessons learned from WikiLeaks: What is exactly information security?
    Nowadays WikiLeaks is a hot story for a good reason – it is not very common for confidential documents of...
    Nowadays WikiLeaks is a hot story for a good reason – it is not very common for confidential documents of the world’s most powerful government to be published on the Internet. And some of these...
    Information security or IT security?
    Update 2014-08-11: The number of controls was updated according to 2013 revision of ISO 27001. One would think that these...
    Update 2014-08-11: The number of controls was updated according to 2013 revision of ISO 27001. One would think that these two terms are synonyms – after all, isn’t information security all about computers? Not really....