Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

 

NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Subscribe to all discussions

Recent Discussions

Reviewers for Forthcoming Cybersecurity Book

I am looking for people to review individual chapters of my forthcoming book: Practical Cybersecuri...

William598 @ 2/5/2018 1:40 PM | Comments (5)

ATM anti skimming

does the ATM anti skimming devices are operational risk or information security ?

Tarek EL-Sherif @ 12/18/2017 4:15 AM | Comments (2)

Security Predictions

Is it possible to use crowd-sourced security intelligence to predict future events?For this exercis...

Dragan Pleskonjic @ 11/9/2017 10:06 AM | Comments (1)

Where does a security director fit within an org chart?

Hi all,I am looking to separate the security function from IT and would love if you could point me ...

danic1979 @ 10/17/2017 7:11 PM | Comments (5)

Looking for examples of Information Security Function and SOC orgstructure

Dear Colleagues,As you know, Ukraine is being severely hit by cyberattacks. I am currently helping ...

Alexey808 @ 8/7/2017 1:31 PM | Comments (0)

Research on Information Security Management Systems standards and frameworks

Hi,Recently I am carrying out a research for my final year dissertation in Trinity College. The pri...

KAI720 @ 6/13/2017 5:41 AM | Comments (0)

Risk-based Infosec program

I'm currently reviewing the information security function within our organization. I have now the I...

ege_eds @ 3/27/2017 9:50 PM | Comments (2)

Transactions SMS customers not performed

What is the information security perspective if the customers reported receiving SMS for transactio...

Tarek EL-Sherif @ 3/12/2017 5:09 AM | Comments (0)

Cybersecurity: What does the board want?

Boards of Director are taking an increasingly active role in cybersecurity governance.  The questio...

Ramakrishna593 @ 2/23/2017 1:04 AM | Comments (1)

Efficiency in Vulnerability Management

How do you ensure vulnerabilities in your organisation are identified and fixed efficiently? I work...

Eliud433 @ 1/17/2017 6:54 AM | Comments (0)

IT Security vs IT Risk

What is the difference between IT Security and IT Risk ?

Tarek EL-Sherif @ 1/4/2017 8:30 AM | Comments (11)

Cyber Security Capability Maturity Models

Hello all,I am searching information regarding topic of Cyber Security Capability Maturity Models.C...

Tomejus @ 11/27/2016 3:39 AM | Comments (4)

Information Security Charters?

It was brought to my attention the need to create information security charters for each department...

Raul Dusa @ 10/24/2016 10:40 AM | Comments (6)

SOC Formation

Hi everyone...please share anything on this topic "Formation of Security Operation Center"

Mir526 @ 9/20/2016 12:46 PM | Comments (1)

Assigning ownership of IT Assets - need advice

Dear colleagues, In my company we experience serious difficulties with assigning ownership of the b...

Lilia Georgieva @ 8/30/2016 1:45 PM | Comments (5)

RE: Information Security Management

hi, my advice is to go through the information security case studies available in online or books. ...

ManojANNE @ 4/25/2018 5:12 PM

RE: Reviewers for Forthcoming Cybersecurity Book

I would be glad to help. The area needs good coverage and I welcome this book. CISM/CISA , CISSP et...

Don Turnblade @ 3/22/2018 12:10 PM

RE: Reviewers for Forthcoming Cybersecurity Book

Good luck with the launch of your book, William.

Antonius Ruslan @ 3/18/2018 5:48 AM

RE: Reviewers for Forthcoming Cybersecurity Book

Karin, Sarada, Thanks, please contact me at my email address wllmst ATSIGN me DOTSIGN com

William598 @ 2/6/2018 10:17 AM

RE: Reviewers for Forthcoming Cybersecurity Book

I would be interested in reviewing your book, My background is ERP application Security, Controls, ...

Sarada280 @ 2/5/2018 5:28 PM

RE: Reviewers for Forthcoming Cybersecurity Book

Hello William,I am interested. Working in Carveout / Triple A organizations - IT Security Manger -w...

Karin007 @ 2/5/2018 1:54 PM

RE: Security Predictions

Hi,yes, we can try to predict on the basis of information you do have with you, but i think we shou...

Anand292 @ 1/15/2018 10:44 PM

RE: ATM anti skimming

When it comes to skimming as risk the usual lifecycle categories apply: Prevention, Detection, Corr...

Don Turnblade @ 1/4/2018 10:36 AM

RE: ATM anti skimming

Hello,Can you please elaborate, what exactly you mean? Because Anti ATM skimming devise are meant t...

Anand292 @ 12/24/2017 3:16 AM

RE: Where does a security director fit within an org chart?

Thank you all for the insight!

danic1979 @ 10/26/2017 12:34 PM

RE: Where does a security director fit within an org chart?

ISO 31000 holds that there are to points to the placement of risk management within an organization...

Don Turnblade @ 10/26/2017 12:17 PM

RE: Where does a security director fit within an org chart?

I have also found this a useful reference in positioning the various stakeholdershttps://na.theiia....

Peter O'Toole @ 10/20/2017 2:54 AM

RE: Where does a security director fit within an org chart?

Danic, Positioning IT/IS security outside of IT is a best practice in Cobit5. The reason is to prov...

Gcookz @ 10/18/2017 10:51 AM

RE: Where does a security director fit within an org chart?

Hi Dannic1979, I actually have published a book about this and other subjects. If you want to give ...

Michael S. Oberlaender @ 10/17/2017 7:39 PM

RE: Information Security Management

Hi Tarek,After one year as the Head of Information Security what do you think worked for you to get...

Omar795 @ 7/13/2017 10:39 AM

Security Operation Center Roadmap

HelloI need your expertise help to make a roadmap document forestablishing a new security operation...

Elsayed @ 2/18/2015 7:54 AM | Comments (20)

Sending a severe message to everyone

Dear Gentlemen,I have a topic here I need to your expert advice, in a newlyformed Information secur...

Elsayed @ 4/27/2015 12:00 PM | Comments (13)

IT Security vs IT Risk

What is the difference between IT Security and IT Risk ?

Tarek EL-Sherif @ 1/4/2017 8:30 AM | Comments (11)

Information Security Management

Hi All, I'm going to start the first step as a head of information security, my current position in...

Tarek EL-Sherif @ 1/14/2016 5:11 AM | Comments (10)

Cyber Security Awareness Program for eployees

Hello,I am working on a Cyber Security Awareness program for my company and I was looking for some ...

uvesed @ 2/1/2016 11:38 AM | Comments (9)

Mandatory Security Design Considerations for the IoT / IoE

NEW!! Here's the next one of my IoT / IoE Security series (continued from last one): http://blog.no...

Michael S. Oberlaender @ 2/4/2015 9:57 PM | Comments (9)

Security Operational Center Matrix

Hello guys, I've done a matrix example for SOC activities, i would share it with you and your advic...

Damien643 @ 4/16/2015 9:10 PM | Comments (8)

Why is so difficult train the management about the importance of engage in a Security certification process?

In my experience is not so easy to convince Mangement about the importance to work towards a certif...

Cristina Ledesma @ 5/26/2014 8:50 AM | Comments (8)

CISM CERT

Does anyone know of a CISM study group for the upcoming exam, or have any suggestions on what and h...

REGGIE554 @ 4/20/2015 3:52 PM | Comments (7)

InfoSec models inter-relationship mappings

I am looking for mapping of SABSA attributes taxonomy to ISO 27001's PDCA, ITIL & COBIT 5 model...

D'LionKing @ 8/22/2014 12:41 PM | Comments (7)

Definition of 'security breach'

On the basis that there is no such thing as a 'stupid' question (and assume positive intent), can w...

Phil Green @ 11/18/2015 5:21 AM | Comments (7)

If a company wants to donate PC's to a charity, what is the right procedure for deleting all data?

A question started byAbbas Kudrati, Head - Quality & Information Security Standard at eGovernme...

Marc Vael @ 6/15/2010 8:45 AM | Comments (6)

Information Security Charters?

It was brought to my attention the need to create information security charters for each department...

Raul Dusa @ 10/24/2016 10:40 AM | Comments (6)

Is gamification a solution for the information security awareness?

Hype or not, gamification becomes a professional solution which expands out of the entertainment an...

Marc Vael @ 1/5/2012 12:09 PM | Comments (6)

Applying military strategy to IT problems

It is well known that strategic management borrows heavily from military science.. How far do you a...

Simiyu @ 11/21/2013 9:54 PM | Comments (6)