Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

 

NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Subscribe to all discussions

Recent Discussions

Password Management - still safe to store your password there?

Last week, the popular password management software LastPass got hacked. (see link for news detail:...

ShanShan @ 6/17/2015 9:50 AM | Comments (5)

ISACA Ireland Needs YOU!

Hope you don't mind me posting in this groupabout this year's ISACA Ireland conference, which is fo...

Neil_Curran @ 6/17/2015 4:14 AM | Comments (1)

Another breach - IRS got hacked

IRS got hacked and 100,000 records were exposed. Not enough security control in place? What do you ...

ShanShan @ 5/27/2015 8:57 AM | Comments (4)

Advice on IS Policy

helloI have posted a new topic discussion asking for an advice for general IS policy and AUP with t...

AHMED359 @ 5/11/2015 9:41 AM | Comments (2)

Status of UK Data Protection Act

Anyone has experience or under the requirements of the UK Data Protection Act?I am in Hong Kong fol...

chungangus @ 5/3/2015 9:42 PM | Comments (4)

Sending a severe message to everyone

Dear Gentlemen,I have a topic here I need to your expert advice, in a newlyformed Information secur...

AHMED359 @ 4/27/2015 12:00 PM | Comments (13)

CISM CERT

Does anyone know of a CISM study group for the upcoming exam, or have any suggestions on what and h...

REGGIE554 @ 4/20/2015 3:52 PM | Comments (7)

Security Operational Center Matrix

Hello guys, I've done a matrix example for SOC activities, i would share it with you and your advic...

Damien643 @ 4/16/2015 9:10 PM | Comments (5)

Threat Taxonomies

Hi All,I've been asked by a colleague about information security Threat Taxomonies (or lists) to as...

Ross Peachey @ 3/24/2015 7:53 AM | Comments (3)

CISO Role: Connecting Security to Business

Many writers urgue that CISOs are generally misunderstood and under-appreciated by their C-Level Pe...

Simiyu @ 3/24/2015 1:10 AM | Comments (4)

Threat Management

I need your expert advice about threat management solution like(NorseDark Watch, FireEye,SurfWatch)...

AHMED359 @ 3/8/2015 6:56 AM | Comments (1)

Privacy and Humanity Elements for the IoT / IoE

NEW!! Last piece of my IoT Security series: Privacy and Humanity Elements for the IoT / IoE: #InfoS...

Michael S. Oberlaender @ 2/18/2015 4:15 PM | Comments (0)

Security Operation Center Roadmap

HelloI need your expertise help to make a roadmap document forestablishing a new security operation...

AHMED359 @ 2/18/2015 7:54 AM | Comments (20)

Challenges in Implementing BYOD in corporate environment

Many organizations today are looking in to implementing BYOD in there corporate environment. how ca...

Sudarsha627 @ 2/11/2015 1:17 AM | Comments (4)

Mandatory Security Design Considerations for the IoT / IoE

NEW!! Here's the next one of my IoT / IoE Security series (continued from last one): http://blog.no...

Michael S. Oberlaender @ 2/4/2015 9:57 PM | Comments (9)

RE: Password Management - still safe to store your password there?

Dear All,Please can anybody assist with job description for a SOC analyst (both senior and junior),...

Matthew Ani @ 7/2/2015 3:32 AM

RE: Password Management - still safe to store your password there?

I am not sure specifically about Lastpass, but I think it still is far safer to use password manage...

Chaitanya Kunthe @ 7/1/2015 4:57 AM

RE: Security Operational Center Matrix

hi DamienHow is your may 24 deadline going, happy to review.Is the SOC activities list intended to ...

Jeff warren @ 6/26/2015 8:06 PM

RE: Password Management - still safe to store your password there?

https://www.grc.com/sn/SN-512-Notes.pdfHope this helps?

Prfssr5 @ 6/24/2015 12:35 PM

RE: Password Management - still safe to store your password there?

There are suggestions in other forums that Lastpass has been heavily targeted by attackers over the...

Ross Peachey @ 6/24/2015 1:44 AM

RE: Password Management - still safe to store your password there?

I think password manager is something liked sso, when the authentication isbased on a single contro...

chungangus @ 6/17/2015 10:53 AM

RE: ISACA Ireland Needs YOU!

An out-of-office message containing personal information or a comment that violates community polic...

Lena Korugl @ 6/17/2015 5:42 AM

RE: Another breach - IRS got hacked

Is there update on the breach

Farooq Wahab Naiyer @ 6/3/2015 6:02 PM

RE: Another breach - IRS got hacked

Hi ShanShan, The notion that "breaches have a compounding effect" is an interesting one. ...

Ross Peachey @ 6/2/2015 6:26 AM

RE: CISM CERT

https://www.isaca.org/Groups/Professional-English/cism-exam-study-community-2013/Pages/Overview.aspx

khansik @ 5/28/2015 2:45 AM

RE: Advice on IS Policy

An out-of-office message containing personal information or a comment that violates community polic...

Lera800 @ 5/11/2015 9:44 AM

RE: Advice on IS Policy

An out-of-office message containing personal information or a comment that violates community polic...

Eric Andersen @ 5/11/2015 9:44 AM

RE: Status of UK Data Protection Act

If the DPA is not mandatory for‎ your company, you can look the NIST framework. If you speak french...

Damien643 @ 5/6/2015 10:37 AM

Security Operation Center Roadmap

HelloI need your expertise help to make a roadmap document forestablishing a new security operation...

AHMED359 @ 2/18/2015 7:54 AM | Comments (20)

Sending a severe message to everyone

Dear Gentlemen,I have a topic here I need to your expert advice, in a newlyformed Information secur...

AHMED359 @ 4/27/2015 12:00 PM | Comments (13)

Mandatory Security Design Considerations for the IoT / IoE

NEW!! Here's the next one of my IoT / IoE Security series (continued from last one): http://blog.no...

Michael S. Oberlaender @ 2/4/2015 9:57 PM | Comments (9)

Why is so difficult train the management about the importance of engage in a Security certification process?

In my experience is not so easy to convince Mangement about the importance to work towards a certif...

Cristina Ledesma @ 5/26/2014 8:50 AM | Comments (8)

CISM CERT

Does anyone know of a CISM study group for the upcoming exam, or have any suggestions on what and h...

REGGIE554 @ 4/20/2015 3:52 PM | Comments (7)

InfoSec models inter-relationship mappings

I am looking for mapping of SABSA attributes taxonomy to ISO 27001's PDCA, ITIL & COBIT 5 model...

Glory Idehen @ 8/22/2014 12:41 PM | Comments (7)

If a company wants to donate PC's to a charity, what is the right procedure for deleting all data?

A question started byAbbas Kudrati, Head - Quality & Information Security Standard at eGovernme...

Marc Vael @ 6/15/2010 8:45 AM | Comments (6)

Applying military strategy to IT problems

It is well known that strategic management borrows heavily from military science.. How far do you a...

Simiyu @ 11/21/2013 9:54 PM | Comments (6)

Is gamification a solution for the information security awareness?

Hype or not, gamification becomes a professional solution which expands out of the entertainment an...

Marc Vael @ 1/5/2012 12:09 PM | Comments (6)

Password Management - still safe to store your password there?

Last week, the popular password management software LastPass got hacked. (see link for news detail:...

ShanShan @ 6/17/2015 9:50 AM | Comments (5)

Security Operational Center Matrix

Hello guys, I've done a matrix example for SOC activities, i would share it with you and your advic...

Damien643 @ 4/16/2015 9:10 PM | Comments (5)

CISO Job Description

I am looking for sample/examples of other healthcare facilities Chief Information Security Officer,...

Lisa850 @ 11/17/2014 12:34 PM | Comments (5)

Information Security Governance: Why Is it Not More Prevasive?

I am an avid believer in the concept of information security governance, and I believe this concept...

Eugene510 @ 8/24/2010 1:20 PM | Comments (5)

CISA or CISM which one should I go for?

I am currently pursuing MS in Information Security. I have no work experience.Now I want to do a ce...

Rahul Das @ 6/30/2012 1:35 AM | Comments (5)

Social Engineering

The idea is to analize this topic by its different components, information, people and legal consec...

Cristina Ledesma @ 2/17/2014 6:08 AM | Comments (5)