Recent Discussions

Transactions SMS customers not performed

What is the information security perspective if the customers reported receiving SMS for transactio...

Tarek EL-Sherif @ 3/12/2017 5:09 AM | Comments (0)

Cybersecurity: What does the board want?

Boards of Directors are taking an increasingly active role in cybersecurity governance. The questio...

Ramakrishna593 @ 2/23/2017 1:04 AM | Comments (0)

Efficiency in Vulnerability Management

How do you ensure vulnerabilities in your organisation are identified and fixed efficiently? I work...

Eliud433 @ 1/17/2017 6:54 AM | Comments (0)

IT Security vs IT Risk

What is the difference between IT Security and IT Risk?

Tarek EL-Sherif @ 1/4/2017 8:30 AM | Comments (11)

Cyber Security Capability Maturity Models

Hello all, I am searching information regarding topic of Cyber Security Capability Maturity Models. C...

Tomejus @ 11/27/2016 3:39 AM | Comments (4)

Information Security Charters?

It was brought to my attention the need to create information security charters for each department...

Raul Dusa @ 10/24/2016 10:40 AM | Comments (6)

SOC Formation

Hi everyone...please share anything on this topic "Formation of Security Operation Center"

Mir526 @ 9/20/2016 12:46 PM | Comments (1)

Assigning ownership of IT Assets - need advice

Dear colleagues, In my company we experience serious difficulties with assigning ownership of the b...

Lilia Georgieva @ 8/30/2016 1:45 PM | Comments (5)

How do Business Analyst support Cyber Security program with Requirement Gathering

Would anyone be kind to advise on how a Business Analyst can support a Cyber Security project mainl...

Abayomi786 @ 7/23/2016 3:39 AM | Comments (0)

Developer Access to Production

What is best practice to trace Developers' Access to Production Environment for any given applicati...

Jothirao @ 7/20/2016 6:19 AM | Comments (5)

IT security place in organizational structure

Hello all, I am interested in question of your known best practice of IT security place in organizat...

Tomejus @ 7/10/2016 1:13 PM | Comments (1)

Return On Security Investment (ROSI)

Hi All, There's a lot of theory thrown around about ROSI. In theory it makes sense. But using these id...

Ross Peachey @ 6/5/2016 7:11 AM | Comments (0)

Aviation Cyber Security Management

I need information about typical organizational structure of information security areas in commerci...

rsabella24 @ 5/29/2016 8:26 AM | Comments (1)

Head of infosec job description

What is the ideal job description for Head of information security to setup a new infosec team in a...

Tarek EL-Sherif @ 5/22/2016 5:50 AM | Comments (2)

Job Description

What is the ideal job description for Head of information security

Tarek EL-Sherif @ 5/22/2016 2:03 AM | Comments (3)

RE: IT Security vs IT Risk

A simple question deserves a simple answer: IT Security consists of the controls necessary to addre...

YONGXUN926 @ 1/17/2017 12:43 AM

RE: IT Security vs IT Risk

IT Risk sees that a five place password is a Control in place intended to provide Security and is t...

Don Turnblade @ 1/12/2017 12:51 PM

RE: IT Security vs IT Risk

IT Risk and Information Security do not evaluate risk by similar criteria in all cases. A classic d...

Don Turnblade @ 1/12/2017 12:40 PM

RE: IT Security vs IT Risk

Are there any known legal, regulatory, governance, risk or compliance frameworks actually covering th...

Don Turnblade @ 1/12/2017 12:31 PM

RE: IT Security vs IT Risk

A sample case where the difference is normally present. Does an Information Security team need mana...

Don Turnblade @ 1/12/2017 12:23 PM

RE: IT Security vs IT Risk

A manager needs to comply with practice risks often stemming from a GRC perspective of policy, lega...

Don Turnblade @ 1/12/2017 12:06 PM

RE: IT Security vs IT Risk

The core difference comes from questions of accountability, authority and competency to manage spe...

Don Turnblade @ 1/12/2017 11:52 AM

RE: IT Security vs IT Risk

First of all the IT Security Risk is part of IT Risk Management. IT Risks include security risks of...

Karina520 @ 1/4/2017 2:16 PM

RE: IT Security vs IT Risk

Dears, my issue here is that I am looking for a clear and simple answer to explain it to my organizati...

Tarek EL-Sherif @ 1/4/2017 1:18 PM

RE: IT Security vs IT Risk

A simple question deserves a simple answer: IT Security consists of the controls necessary to addre...

Kyle430 @ 1/4/2017 9:43 AM

RE: IT Security vs IT Risk

Is this asking on Standards to identify IT Risks and IT Security Risks? Control Objectives and clo...

Karin007 @ 1/4/2017 9:27 AM

RE: Cyber Security Capability Maturity Models

@Michael137 , it is really valuable information for me what you have shared. I see your involvement...

Tomejus @ 12/4/2016 6:20 AM

RE: Cyber Security Capability Maturity Models

Well, if you're looking for a generic process assessment methodology, would recommend just looking ...

Michael137 @ 11/28/2016 9:48 AM

RE: Cyber Security Capability Maturity Models

Thank you, @Michael137 , I appreciate that! ISO 33071 is just a more generic process assessment met...

Tomejus @ 11/28/2016 5:45 AM

RE: Cyber Security Capability Maturity Models

Is ISO 33071 dealing with cybersecurity, or just a more generic process assessment methodology?? The...

Michael137 @ 11/27/2016 2:01 PM

Security Operation Center Roadmap

Hello, I need your expertise help to make a roadmap document for establishing a new security operation...

Elsayed @ 2/18/2015 7:54 AM | Comments (20)

Sending a severe message to everyone

Dear Gentlemen, I have a topic here I need your expert advice, in a newly formed Information secur...

Elsayed @ 4/27/2015 12:00 PM | Comments (13)

IT Security vs IT Risk

What is the difference between IT Security and IT Risk?

Tarek EL-Sherif @ 1/4/2017 8:30 AM | Comments (11)

Cyber Security Awareness Program for employees

Hello, I am working on a Cyber Security Awareness program for my company and I was looking for some ...

uvesed @ 2/1/2016 11:38 AM | Comments (9)

Mandatory Security Design Considerations for the IoT / IoE

NEW!! Here's the next one of my IoT / IoE Security series (continued from last one): http://blog.no...

Michael S. Oberlaender @ 2/4/2015 9:57 PM | Comments (9)

Security Operational Center Matrix

Hello guys, I've done a matrix example for SOC activities, I would share it with you and your advic...

Damien643 @ 4/16/2015 9:10 PM | Comments (8)

Why is it so difficult to train management about the importance of engaging in a Security certification process?

In my experience it is not so easy to convince Management about the importance to work towards a certif...

Cristina Ledesma @ 5/26/2014 8:50 AM | Comments (8)

CISM CERT

Does anyone know of a CISM study group for the upcoming exam, or have any suggestions on what and h...

REGGIE554 @ 4/20/2015 3:52 PM | Comments (7)

Information Security Management

Hi All, I'm going to start the first step as a head of information security, my current position in...

Tarek EL-Sherif @ 1/14/2016 5:11 AM | Comments (7)

InfoSec models inter-relationship mappings

I am looking for mapping of SABSA attributes taxonomy to ISO 27001's PDCA, ITIL & COBIT 5 model...

D'LionKing @ 8/22/2014 12:41 PM | Comments (7)

Definition of 'security breach'

On the basis that there is no such thing as a 'stupid' question (and assume positive intent), can w...

Phil Green @ 11/18/2015 5:21 AM | Comments (7)

If a company wants to donate PCs to a charity, what is the right procedure for deleting all data?

A question started by Abbas Kudrati, Head - Quality & Information Security Standard at eGovernme...

Marc Vael @ 6/15/2010 8:45 AM | Comments (6)

Information Security Charters?

It was brought to my attention the need to create information security charters for each department...

Raul Dusa @ 10/24/2016 10:40 AM | Comments (6)

Is gamification a solution for the information security awareness?

Hype or not, gamification becomes a professional solution which expands out of the entertainment an...

Marc Vael @ 1/5/2012 12:09 PM | Comments (6)

Applying military strategy to IT problems

It is well known that strategic management borrows heavily from military science.. How far do you a...

Simiyu @ 11/21/2013 9:54 PM | Comments (6)