Hi, I am setting up a new information security department in a fairly young technical University and would appreciate anyone with experience to share some pointers on how to commence. For starters, I have the executive management commitment.
|
Hi all,at INSIGHTS 2013 (http://www.isaca.org/Education/Conferences/Pages/INSIGHTS-2013.aspx) the topic information security management will be discussed in panels.What burning questions would you like to ask to the panel and get a reply from?M.
PS why do...
Marc Vael | 4/12/2013 4:35:59 AM | COMMENTS(0)
|
Greetings!
I need some advice since my searches have not come up with much just yet.
Does anyone know of any good reference materials I could use that would help me for a presentation I need to give that covers the relationship between IT Audit and Info...
edward352 | 4/7/2013 9:09:00 AM | COMMENTS(0)
|
Hello Thought Leaders -
I have published a new book for exactly our group (title: "C(I)SO - And Now What?") - available at https://www.createspace.com/4043003 or via Amazon etc. online.
More details below:
The ISBN#s are:
ISBN-13: 978-1480237414
I...
|
IT RISK MANAGEMENTDRIVERS, CHALLENGES AND ENABLERS FOR AUSTRALIANORGANISATIONS To attain strategic, program and operational objectives,most organisations rely on the right IT services to be delivered at the righttime. This is only possible if IT risks hav...
|
Hi
For those who have experience of ISO 27001 Accreditation audits can you tell me if the auditors are restricted to auditing what is documented in the policies or do they expect to see pretty much every control aligned to your scope whether the log or p...
|
Books
Posted by ISACA 14 days ago
|
Books
Posted by ISACA 14 days ago
|
Books
Posted by ISACA 14 days ago
|
Books
Posted by ISACA 14 days ago
|
Books
Posted by ISACA 14 days ago
|
Books
Posted by ISACA 15 days ago
|
|
|
22 Apr 2013
ISACA International Event
Chicago, IL, USA
|
10 Jun 2013
ISACA International Event
Berlin, Germany
Early bird deadline has been extended: save over US $350 when you register by 1 May. Learn from industry-leading IT experts at Insights 2013. This is a unique opportunity to discover revolutionary new ideas at the world’s premier business event.
|
|
|
16 Sep 2013
ISACA International Event
London, England
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM 2013—the leading European conference for IT audit, assurance, security and risk professionals. Save over US $200 when you register by 22 July!
|
30 Sep 2013
ISACA International Event
Medellín, Colombia
La Conferencia Latinoamericana CACS/ISRM 2013 en Medellín, Colombia es la conferencia principal latinoamericana para los profesionales de auditoría, riesgo y seguridad de la información. Ahorre más de EE.UU. $ 100 si se inscribe antes del 7 de agosto!
|
Volume 3, 2013
by Larry G. Wlosinski, CISA, CISM, CRISC, CAP, CDP, CISSP, ITIL
How will an organization’s information security staff be affected if the organization’s computer systems are moved to a cloud environment?
|
Volume 3, 2013
by Steven J. Ross, CISA, CISSP, MBCP
Ever since humankind built walls around its fortresses and towns, attackers have built ladders to climb over the walls.
|
Volume 3, 2013
by Andrew Hay
The PCI Security Standards Council’s Special Interest Group for Cloud released its much-anticipated guidance for securing Software, Platform and Infrastructure as a Service (SaaS, PaaS and IaaS) cloud servers.
|
Volume 3, 2013
by Steven DeFino and Larry Greenblatt | Reviewed by Dauda Sule, CISA
This Guide is targeted toward individuals who wish to attain the Certified Ethical Hacker (CEH) certification.
|
Volume 3, 2013
by Dan Bogdanov, Ph.D., and Aivo Kalu, Ph.D., CISA
A cloud is a remote-access platform; thus, technical controls that remotely enforce a particular security policy are especially efficient.
|
Volume 3, 2013
by Jacqueline Medina, CIPP-IT, Ryan Morrell, CISSP, Dennis Pickett, CISSP, John Lumpkin, Timothy McCain, CISM, Dina Drankus Pekelnicky, Alex Bengoa, MCSE, and David Songco
The National Children’s Study is the largest, most data-intensive study of children’s health ever planned in the US.
|
These links, which have been contributed by site users, link to external third-party web sites. ISACA has not evaluated these web sites and accepts no responsibility for their suitability, security or privacy practices.
Muchos investigadores y ciudadanos pasan un tiempo importante pensando sobre el futuro, sobre las condiciones y riesgos que están por venir, sobre los nuevos retos que se van a plantear y la forma como deberemos enfrentarlos para alcanzar nuevas posiciones estratégicas en los mercados actuales y futuros.
Conocer el futuro es un problema complejo, pues exige saber que está pasando en la actualidad con certeza y ver entre líneas los aspectos emergentes, que pueden ser hoy sólo movimientos aparentemente pasajeros, pero que no dimensionamos sus alcances o factores que los puedan potenciar. Mucho del conocimiento que podamos tener del entorno no bastará para establecer un patrón de conocimiento emergente que pueda revelar el misterio lo que puede pasar en el mediano y largo plazo.
En este sentido, las organizaciones deben establecer estrategias que permitan cada vez más avanzar en el conocimiento de su entorno, buscando un recorrido perimetral completo que disminuya los puntos ciegos y aumentar su capacidad de anticipación, toda vez que es de esta forma como puede permanecer vigente y competitiva, aún frente a situaciones inesperadas.
Como quiera que el futuro, es una reflexión basada en escenarios aún por conocer o mejor, situaciones que ya pasaron y no las vimos, se hace necesario mantener en el radar una forma de afinar la revisión del medio ambiente empresarial y las situaciones propias de cada organización, con el fin de tener a la vista motivaciones y sugerencias que nos permitan ubicar los riesgos y amenazas emergentes más relevantes y poder actuar en consecuencia.
Habida cuenta de lo anterior, utilizando los conocimientos y estrategias fundadas en las relaciones humanas, asociadas con la forma de ofrecer retroalimentación, como lo es la Ventaja de Johari, instrumento ampliamente conocido en el ámbito social, buscaremos repensar los conceptos de amenazas y riesgos emergentes en el contexto empresarial, para ofrecer una nueva lectura de la Ventana de Johari, ahora como la Ventana de AREM (Amenazas y Riesgos Emergentes).
|
The infosec industry has glommed onto a never-ending chain of analogies and metaphors to better explain the intangibles of digital security. We can’t seem to keep them all straight, nor do we know them all. So we reached out to security influencers and asked them what their favorite and least favorite infosec analogies or metaphors were and why they loved and hated them so much.
|
Cybercrime does not pay either... hacker was sentenced to 10 years in prison after pleading guilty to charges in connection to hacking the e-mail accounts of actress Scarlett Johansson and dozens of other celebrities.
|
New IBM report identifies security as the number one barrier of adoption for mobile, cloud and social business technologies.
|
The NATO National Cyber Security Framework Manual provides detailed background information and in-depth theoretical frameworks to help the reader understand the various facets of National Cyber Security, according to different levels of public policy formulation. The four levels of government -- political, strategic, operational and tactical/technical -- each have their own perspectives on National Cyber Security, and each is addressed in individual sections within the Manual. Additionally, the Manual gives examples of relevant institutions in National Cyber Security, from top-level policy coordination bodies down to cyber crisis management structures and similar institutions.
|
In the category "most stupid burglar using ICT" of 2012: this one made it easy for the police.
|
|
Resumen
El imparable crecimiento de internet en el mundo, y la integración de los diversos sistemas informáticos conectados a la red de Internet han hecho que la Seguridad de la Información alcance un papel de suma importancia actualmente. Desde el moment...
Posted By : ArthurHuamani | 0 comments
|
(By: William Darío Ávila Díaz, PhD)A new tool to combat Internet crime is now a reality thanks to an agreement signed by thirty countries, where they commit to the creation of international legislation attached to the local laws of each of the nations.
Th...
Posted By : William733 | 2 comments
|
|
Grupos de Estudio para Acreditaciones de JUNIO, SEPTIEMBRE Y DICIEMBRE 2013.
Para los que esten interesados en la presentación del exámen de certificación CISA y CISM o para cualquiera que desee comenzar a prepararse para estas o las próximas pruebas, pu...
Posted By : Alexander Osorio | 0 comments
|
Hoy les comentaré de OpenSSL que es una herramienta muy flexible, que proporciona muchos módulos cada uno de los cuales realiza una tarea específica. Cada módulo no es un ejecutable separado sin embargo se selecciona con el primer parámetro del ejecut...
Posted By : ArthurHuamani | 0 comments
|
|
(By: William Darío Ávila Díaz, PhD)
Colombia is the first Latin American country to adopt cyberspace strategy to prevent and tackle crime and minimize the risk level of citizens from threats or incidents of cyber nature. This is why they were created th...
Posted By : William733 | 0 comments
|
(By: William Darío Ávila Díaz, PhD)
Situation:
[1]On September 21, 2011, the website of the House of Representatives of the Republic of Colombia, was attacked by the "Colectivo Nacional Anonymous", who kept for several hours off duty.
The engineers of ...
Posted By : William733 | 0 comments
|
|
|