Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

 

NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Subscribe to all discussions

Recent Discussions

Sending a severe message to everyone

Dear Gentlemen,I have a topic here I need to your expert advice, in a newlyformed Information secur...

AHMED359 @ 4/27/2015 12:00 PM | Comments (9)

CISM CERT

Does anyone know of a CISM study group for the upcoming exam, or have any suggestions on what and h...

REGGIE554 @ 4/20/2015 3:52 PM | Comments (5)

Security Operational Center Matrix

Hello guys, I've done a matrix example for SOC activities, i would share it with you and your advic...

Damien643 @ 4/16/2015 9:10 PM | Comments (1)

Threat Taxonomies

Hi All,I've been asked by a colleague about information security Threat Taxomonies (or lists) to as...

Ross Peachey @ 3/24/2015 7:53 AM | Comments (3)

CISO Role: Connecting Security to Business

Many writers urgue that CISOs are generally misunderstood and under-appreciated by their C-Level Pe...

Simiyu @ 3/24/2015 1:10 AM | Comments (4)

Threat Management

I need your expert advice about threat management solution like(NorseDark Watch, FireEye,SurfWatch)...

AHMED359 @ 3/8/2015 6:56 AM | Comments (1)

Privacy and Humanity Elements for the IoT / IoE

NEW!! Last piece of my IoT Security series: Privacy and Humanity Elements for the IoT / IoE: #InfoS...

Michael S. Oberlaender @ 2/18/2015 4:15 PM | Comments (0)

Security Operation Center Roadmap

HelloI need your expertise help to make a roadmap document forestablishing a new security operation...

AHMED359 @ 2/18/2015 7:54 AM | Comments (20)

Challenges in Implementing BYOD in corporate environment

Many organizations today are looking in to implementing BYOD in there corporate environment. how ca...

Sudarsha627 @ 2/11/2015 1:17 AM | Comments (4)

Mandatory Security Design Considerations for the IoT / IoE

NEW!! Here's the next one of my IoT / IoE Security series (continued from last one): http://blog.no...

Michael S. Oberlaender @ 2/4/2015 9:57 PM | Comments (9)

IoT / IoE: If It Has an IP Address, It Can Be Hacked

Please find my latest article here: http://blog.norsecorp.com/2015/01/26/iot-ioe-if-it-has-an-ip-ad...

Michael S. Oberlaender @ 1/27/2015 12:22 PM | Comments (4)

Managing the Information Security Life Cycle

This is an interesting article to share about Managing the Information Security Life Cyclehttp://ww...

AHMED359 @ 11/18/2014 5:39 AM | Comments (2)

CISO Job Description

I am looking for sample/examples of other healthcare facilities Chief Information Security Officer,...

Lisa850 @ 11/17/2014 12:34 PM | Comments (5)

Cyber Alert Levels

Many organisations publish "cyber alert levels" which are intended to represent the sever...

Ross Peachey @ 9/25/2014 6:21 AM | Comments (0)

IT Risk Assessment Service Selection Criteria

I am going to have the consultant to perform a holistic IT risk assessment for the company, what fa...

chungangus @ 9/24/2014 4:28 AM | Comments (4)

RE: Sending a severe message to everyone

I totally agree with the approach of one step at a time not the shock but I  wanted to open a discu...

AHMED359 @ 4/28/2015 9:41 AM

RE: Sending a severe message to everyone

Hello Ahmed, I'm glad to see that you got the approval from your board to increase the security lev...

Damien643 @ 4/28/2015 7:08 AM

RE: Sending a severe message to everyone

I also suggest the message should be brought to all staff by senior management to highlight the imp...

chungangus @ 4/28/2015 1:53 AM

RE: Sending a severe message to everyone

Totallyagree with all your advices gentlemen, I already have a roadmap my approach wasto make one s...

AHMED359 @ 4/28/2015 12:43 AM

RE: Sending a severe message to everyone

I agree with the comments above. Sending a severe message is a bit harsh. Do not try to POLICE peop...

Simiyu @ 4/28/2015 12:39 AM

RE: Sending a severe message to everyone

Certainly a credible signal from management that information security is important will help. As Jo...

Ross Peachey @ 4/28/2015 12:14 AM

RE: Sending a severe message to everyone

That is probably the worst way to approach security in an organisation. I think most forget that se...

DanielM @ 4/27/2015 10:01 PM

RE: Sending a severe message to everyone

Hi Ahmed359, Good governance cannot be achieved with a stick. You will end up loosing key resources...

JoseSamuel @ 4/27/2015 1:42 PM

RE: Sending a severe message to everyone

First off from a risk based perspective, you should not be the one sending the message. And I'd cou...

DanSt @ 4/27/2015 1:28 PM

RE: CISM CERT

Hi Reggie, Speaking as a previous topic leader for CISM; In addition to study groups, don't underes...

Ross Peachey @ 4/24/2015 5:15 AM

RE: CISM CERT

As suggested by others...kindly try seeking more information from your local chapter. I am very sur...

Simiyu @ 4/20/2015 11:17 PM

RE: CISM CERT

Is there a study group in Maryland, How do I join the discussion group.

REGGIE554 @ 4/20/2015 6:22 PM

RE: CISM CERT

Also, you might want to join the CISM discussion group here as well.

Michael137 @ 4/20/2015 5:34 PM

RE: CISM CERT

I would recommend taking an exam review course put on by an ISACA chapter. My chapter does a one da...

Michael137 @ 4/20/2015 5:33 PM

RE: CISO Role: Connecting Security to Business

@VE, you are right. It is only by having a properly structured IT governance processes that CISO's ...

Simiyu @ 4/19/2015 11:09 PM

Security Operation Center Roadmap

HelloI need your expertise help to make a roadmap document forestablishing a new security operation...

AHMED359 @ 2/18/2015 7:54 AM | Comments (20)

Sending a severe message to everyone

Dear Gentlemen,I have a topic here I need to your expert advice, in a newlyformed Information secur...

AHMED359 @ 4/27/2015 12:00 PM | Comments (9)

Mandatory Security Design Considerations for the IoT / IoE

NEW!! Here's the next one of my IoT / IoE Security series (continued from last one): http://blog.no...

Michael S. Oberlaender @ 2/4/2015 9:57 PM | Comments (9)

Why is so difficult train the management about the importance of engage in a Security certification process?

In my experience is not so easy to convince Mangement about the importance to work towards a certif...

Cristina Ledesma @ 5/26/2014 8:50 AM | Comments (8)

InfoSec models inter-relationship mappings

I am looking for mapping of SABSA attributes taxonomy to ISO 27001's PDCA, ITIL & COBIT 5 model...

Glory Idehen @ 8/22/2014 12:41 PM | Comments (7)

Is gamification a solution for the information security awareness?

Hype or not, gamification becomes a professional solution which expands out of the entertainment an...

Marc Vael @ 1/5/2012 12:09 PM | Comments (6)

If a company wants to donate PC's to a charity, what is the right procedure for deleting all data?

A question started byAbbas Kudrati, Head - Quality & Information Security Standard at eGovernme...

Marc Vael @ 6/15/2010 8:45 AM | Comments (6)

Applying military strategy to IT problems

It is well known that strategic management borrows heavily from military science.. How far do you a...

Simiyu @ 11/21/2013 9:54 PM | Comments (6)

CISA or CISM which one should I go for?

I am currently pursuing MS in Information Security. I have no work experience.Now I want to do a ce...

Rahul Das @ 6/30/2012 1:35 AM | Comments (5)

CISM CERT

Does anyone know of a CISM study group for the upcoming exam, or have any suggestions on what and h...

REGGIE554 @ 4/20/2015 3:52 PM | Comments (5)

CISO Job Description

I am looking for sample/examples of other healthcare facilities Chief Information Security Officer,...

Lisa850 @ 11/17/2014 12:34 PM | Comments (5)

Information Security Governance: Why Is it Not More Prevasive?

I am an avid believer in the concept of information security governance, and I believe this concept...

Eugene510 @ 8/24/2010 1:20 PM | Comments (5)

Social Engineering

The idea is to analize this topic by its different components, information, people and legal consec...

Cristina Ledesma @ 2/17/2014 6:08 AM | Comments (5)

Security Access Review Scope or Depth Query

Dear All,I think a security access review or identity certification is a common task to examine the...

chungangus @ 8/19/2014 11:05 PM | Comments (4)

New to IS Management

I have just been given responsibility for Information Security Management within my organisation.  ...

PHolmes @ 6/17/2011 9:47 AM | Comments (4)