ISMS Archive
In today’s underskilled cyber security market place, people ask whether they should acquire a CISSP or CISM qualification. Each qualification has different strengths – so, which do you think information security professionals should pursue? Where do you think CISMP fits into a …
I talked, earlier this week, about the evident gap between the concern expressed (in the 2013 ISBS survey) by the majority of managers about cyber security and the fact that their organisations continue to be breached, and linked this to …
SANS has, for years, published and maintained the Top 20 Critical Security Controls (now in version 4.1). These 20 Critical Security Controls, whose origins go back beyond 2008, were implemented by the US State Department in 2009, leading apparently to …
Half of all firms which allow staff to bring their own device, but don’t have any firm information security policies or practices around BYOD, have suffered a security breach – according to Dell, and as reported by Out-law.com. A Dell …
While China, unsurprisingly, denies involvement in hacking (China Denies Hacks, Points Finger at U.S), the business focus should be on dealing with the impacts of successful hacks – not only on your own websites and networks, but also on those …
Alan Calder
November 22, 2011
Business and the Economy, Business Continuity, Compliance, Cyber Security, Data Breaches, Data Protection, ISMS, ISO 27001, ISO 27002 (ISO 17999), IT Governance, IT Security, Mobile Devices
We carried out an analysis of the data breach cases which led to the UK’s Information Commissioner extracting an undertaking from the organisation concerned. Over the last 18 months (May 2010 – mid-November 2011), this is the breakdown of 85 …
A recently published study into Global 2000 IT-spending intentions identified that 39% of corporations are spending more on information security this year, with 37% planning to increase spending in 2012. With cyber security identified as a key strategic threat facing organisations …
Alan Calder
November 11, 2011
Business and the Economy, Business Continuity, Compliance, Cyber Security, Data Breaches, Data Protection, Disaster Recovery, ISMS, ISO 27001, ISO 27002 (ISO 17999), IT Governance, IT Security, PCI DSS, social media
At the end of October, we submitted the manuscript of the 5th Edition of our best-selling book on implementing an ISO27001 Information Security Management System (ISMS) to our external publisher, Kogan Page. It should be in bookshops across the world in Spring …
Codemasters have just demonstrated the weakness of a fallback strategy, when attacked by hackers, of taking your website offline: the hackers will already have got away with a whole lot of valuable information. So Codemasters appear now to be in a …
“We’re really, really sorry for the PlayStation Network outage” is, apparently, the gist of the Sony announcement on this issue. I guess it’s also, in essence, the message of the US organisations which experienced the 662 data breaches in 2010, exposing …