Recent Discussions

Privacy and Humanity Elements for the IoT / IoE

NEW!! Last piece of my IoT Security series: Privacy and Humanity Elements for the IoT / IoE: #InfoS...

Michael S. Oberlaender @ 2/18/2015 4:15 PM | Comments (0)

Security Operation Center Roadmap

Hello, I need your expertise help to make a roadmap document for establishing a new security operation...

AHMED359 @ 2/18/2015 7:54 AM | Comments (0)

Challenges in Implementing BYOD in corporate environment

Many organizations today are looking into implementing BYOD in their corporate environment. How ca...

Sudarsha627 @ 2/11/2015 1:17 AM | Comments (4)

Mandatory Security Design Considerations for the IoT / IoE

NEW!! Here's the next one of my IoT / IoE Security series (continued from last one): http://blog.no...

Michael S. Oberlaender @ 2/4/2015 9:57 PM | Comments (8)

IoT / IoE: If It Has an IP Address, It Can Be Hacked

Please find my latest article here: http://blog.norsecorp.com/2015/01/26/iot-ioe-if-it-has-an-ip-ad...

Michael S. Oberlaender @ 1/27/2015 12:22 PM | Comments (4)

Managing the Information Security Life Cycle

This is an interesting article to share about Managing the Information Security Life Cycle http://ww...

AHMED359 @ 11/18/2014 5:39 AM | Comments (2)

CISO Job Description

I am looking for sample/examples of other healthcare facilities Chief Information Security Officer,...

Lisa850 @ 11/17/2014 12:34 PM | Comments (5)

Cyber Alert Levels

Many organisations publish "cyber alert levels" which are intended to represent the sever...

Ross Peachey @ 9/25/2014 6:21 AM | Comments (0)

IT Risk Assessment Service Selection Criteria

I am going to have the consultant to perform a holistic IT risk assessment for the company, what fa...

chungangus @ 9/24/2014 4:28 AM | Comments (4)

IS Security Reporting Structures

Our healthcare organization is reorganizing its overall reporting structures to include IS Security...

grayowl @ 9/23/2014 12:36 PM | Comments (4)

Any standard checking for security process in ITIL

I am reviewing an existing security process in the ITIL framework.  All new services have to go thr...

chungangus @ 9/14/2014 11:21 PM | Comments (3)

Asset based versus holistic information security risk assessment

One of the biggest impacts in the ISO 27001:2013 standard is the omission of the words "asset b...

Koen Béroudiaux @ 9/13/2014 3:40 AM | Comments (3)

InfoSec models inter-relationship mappings

I am looking for mapping of SABSA attributes taxonomy to ISO 27001's PDCA, ITIL & COBIT 5 model...

Glory Idehen @ 8/22/2014 12:41 PM | Comments (7)

Security Access Review Scope or Depth Query

Dear All, I think a security access review or identity certification is a common task to examine the...

chungangus @ 8/19/2014 11:05 PM | Comments (4)

Call for Papers and Discount Code for ISACA Ireland Conference on 3rd Oct 2014

Hi Everyone, I'm the chapter president of ISACA Ireland and would like to let members of this topic...

Neil_Curran @ 8/2/2014 12:39 PM | Comments (1)

RE: Mandatory Security Design Considerations for the IoT / IoE

An out-of-office message containing personal information or a comment that violates community polic...

Len Shingler @ 2/19/2015 12:01 PM

RE: Mandatory Security Design Considerations for the IoT / IoE

@Ross, I have posted here (in the section) already yesterday that the latest installment is availab...

Michael S. Oberlaender @ 2/19/2015 11:59 AM

RE: Mandatory Security Design Considerations for the IoT / IoE

@Michael, you make some really good points in terms of security design considerations, and I apprec...

Ross Peachey @ 2/18/2015 11:24 PM

RE: Mandatory Security Design Considerations for the IoT / IoE

@Ross, Okay I have spoken with Norse and updated to reflect the above mentioned text. Thanks again ...

Michael S. Oberlaender @ 2/17/2015 3:58 PM

RE: Mandatory Security Design Considerations for the IoT / IoE

@Ross (Ross Peachey): I used (intended) the accounting more for the financial aspect for the usage ...

Michael S. Oberlaender @ 2/17/2015 1:38 PM

RE: Mandatory Security Design Considerations for the IoT / IoE

I am currently out of office. I will return on 18 February. Thank you.

Konstantinos Argyropoulos @ 2/17/2015 4:49 AM

RE: Mandatory Security Design Considerations for the IoT / IoE

An out-of-office message containing personal information or a comment that violates community polic...

Len Shingler @ 2/17/2015 4:49 AM

RE: Mandatory Security Design Considerations for the IoT / IoE

Hi Michael, Why did you choose to focus on the 4 A’s, as well as non-repudiation in this article? Or ...

Ross Peachey @ 2/17/2015 4:47 AM

RE: Challenges in Implementing BYOD in corporate environment

There are some good ISACA resources also: http://www.isaca.org/CIO/Pages/CIO-BYOD.aspx http://www.isa...

Ross Peachey @ 2/12/2015 7:40 PM

RE: Challenges in Implementing BYOD in corporate environment

@Damien : Thanks for the comment. Indicated document is very useful.

Sudarsha627 @ 2/11/2015 8:42 AM

RE: Challenges in Implementing BYOD in corporate environment

Hello, Great question! If you have a standard like ISO27K, HIPAA, ... in place, personal devices need...

Damien643 @ 2/11/2015 7:50 AM

RE: Challenges in Implementing BYOD in corporate environment

An out-of-office message containing personal information or a comment that violates community polic...

Lera800 @ 2/11/2015 1:19 AM

RE: Managing the Information Security Life Cycle

Good article. Very interesting. If I have a criticism of the approach it's that Nolan's model, whic...

Ross Peachey @ 2/8/2015 3:50 PM

RE: Managing the Information Security Life Cycle

A very nice informative article. Ahmed359, thanks for sharing.

Simiyu @ 2/6/2015 1:03 AM

RE: CISO Job Description

I like the posting by @grayowl. Ideally larger organisations have a CSO (chief security officer) who...

Marc Vael @ 2/5/2015 7:37 PM

Mandatory Security Design Considerations for the IoT / IoE

NEW!! Here's the next one of my IoT / IoE Security series (continued from last one): http://blog.no...

Michael S. Oberlaender @ 2/4/2015 9:57 PM | Comments (8)

Why is it so difficult to train the management about the importance of engaging in a Security certification process?

In my experience it is not so easy to convince Management about the importance to work towards a certif...

Cristina Ledesma @ 5/26/2014 8:50 AM | Comments (8)

InfoSec models inter-relationship mappings

I am looking for mapping of SABSA attributes taxonomy to ISO 27001's PDCA, ITIL & COBIT 5 model...

Glory Idehen @ 8/22/2014 12:41 PM | Comments (7)

Is gamification a solution for the information security awareness?

Hype or not, gamification becomes a professional solution which expands out of the entertainment an...

Marc Vael @ 1/5/2012 12:09 PM | Comments (6)

If a company wants to donate PC's to a charity, what is the right procedure for deleting all data?

A question started by Abbas Kudrati, Head - Quality & Information Security Standard at eGovernme...

Marc Vael @ 6/15/2010 8:45 AM | Comments (6)

Applying military strategy to IT problems

It is well known that strategic management borrows heavily from military science.. How far do you a...

Simiyu @ 11/21/2013 9:54 PM | Comments (6)

CISA or CISM which one should I go for?

I am currently pursuing MS in Information Security. I have no work experience. Now I want to do a ce...

Rahul Das @ 6/30/2012 1:35 AM | Comments (5)

CISO Job Description

I am looking for sample/examples of other healthcare facilities Chief Information Security Officer,...

Lisa850 @ 11/17/2014 12:34 PM | Comments (5)

Information Security Governance: Why Is it Not More Pervasive?

I am an avid believer in the concept of information security governance, and I believe this concept...

Eugene510 @ 8/24/2010 1:20 PM | Comments (5)

Social Engineering

The idea is to analyze this topic by its different components, information, people and legal consec...

Cristina Ledesma @ 2/17/2014 6:08 AM | Comments (5)

Security Access Review Scope or Depth Query

Dear All, I think a security access review or identity certification is a common task to examine the...

chungangus @ 8/19/2014 11:05 PM | Comments (4)

New to IS Management

I have just been given responsibility for Information Security Management within my organisation.  ...

PHolmes @ 6/17/2011 9:47 AM | Comments (4)

Outsourcing:- information security as a service

What are the challenges, what should be the scope limitation, how do you enhance privacy of your da...

Simiyu @ 7/23/2014 2:29 AM | Comments (4)

ISO 27001 Policy audits

Hi, For those who have experience of ISO 27001 Accreditation audits can you tell me if the auditors a...

Len Shingler @ 2/21/2013 11:20 AM | Comments (4)

IT Risk Assessment Service Selection Criteria

I am going to have the consultant to perform a holistic IT risk assessment for the company, what fa...

chungangus @ 9/24/2014 4:28 AM | Comments (4)