Information risk and security for professional services

Notice Bored

When you acquire or provide professional services, how do you address the associated information risks? Professional services are information-centric: information is the work product , the purpose, the key deliverable.

The sadly neglected Risk Treatment Plan

Notice Bored

'Design plan' hints at the organisation having developed an information risk and security architecture. The expansive German infosec standard IT-Grundschutz talks of the RTP in terms of a project plan. Good move, although personally as a fan of security engineering I'd have preferred an explicit mention and further guidance on that.

The nine controls ISO/IEC 27002 missed

Notice Bored

Controls against fraud perpetrated by insiders (managers or staff), partners, outsiders/unknown parties, and potentially several (collusion) is another weak area in the standard. Oversight, for instance, is a valuable control (or rather, a cloud of related controls) that is almost universally applicable.

5 Major Cybersecurity Trends to Know for 2024

eSecurity Planet

Ricardo Villadiego, founder & CEO of Lumu, expects “a significant shift towards adopting models based on passwordless architectures like Google Passkeys as the dominant authentication method to combat phishing and scam campaigns.”

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

I’m Robert Vamosi and in this episode I’m talking about online criminal investigations conducted by someone who is inside the infosec community, and how your social media posts -- no matter how good you think you are about hiding -- can reveal a lot about your true identity. Daniel, he keeps a low profile. CLEMENS: I do.