Information Security Management

Welcome to the Information Security Management topic!

Collaborate, contribute, consume and create knowledge around topics such as cloud computing, application security, vulnerability management, PCI, and data protection.

This Topic Has:
1017 Members
0 Online
10602 Visits

Community Leader

Farooq Wahab Naiyer
Marc Vael

Badge: Influential

Ross Peachey

Badge: Energizer

Simiyu

Badge: Influential

Discussions: 77 total

Hi All, I've been asked by a colleague about information security Threat Taxonomies (or lists) to assist him with the risk identification process. He already has the ISF IRAM2 documentation (Appendix F). Have provided additional references to: NIST S...
Ross Peachey | 3/24/2015 8:55:52 AM | COMMENTS(2)
Hello, I need your expertise help to make a roadmap document for establishing a new security operation center. The current security operations functions are scattered in the organization and we need to start consolidating them in one function. I need a referenc...
AHMED359 | 3/24/2015 6:30:55 AM | COMMENTS(20)
Many writers argue that CISOs are generally misunderstood and under-appreciated by their C-Level Peers. One of the reasons advanced is that of CISOs inability to connect security and business. The article below seems to resonate the same argument. http:/...
Simiyu | 3/24/2015 1:10:10 AM | COMMENTS(0)
I need your expert advice about threat management solution like (Norse Dark Watch, FireEye, SurfWatch) or any other vendor you used, and the value they can add to your security solution to detect and manage different threats, monitoring anomaly activities, gett...
AHMED359 | 3/18/2015 9:22:04 AM | COMMENTS(1)
NEW!! Here's the next one of my IoT / IoE Security series (continued from last one): http://blog.norsecorp.com/2015/02/04/mandatory-security-design-considerations-for-the-iot-ioe/
Michael S. Oberlaender | 3/1/2015 9:05:18 PM | COMMENTS(9)
NEW!! Last piece of my IoT Security series: Privacy and Humanity Elements for the IoT / IoE: #InfoSec #CyberSecurity #IoT #IoE #CISO #CSO #CTO #CIO #CEO #Privacy http://blog.norsecorp.com/2015/02/17/privacy-and-humanity-elements-for-the-iot-ioe/
Michael S. Oberlaender | 2/18/2015 4:15:28 PM | COMMENTS(0)

Documents & Publications: 183 total

White Papers
Posted by ISACA 7 days ago
Books
Posted by ISACA 9 days ago
Cobit Related
Posted by ISACA 15 days ago
Books
Posted by ISACA 51 days ago

Events & Online Learning: 16 total

19 Aug 2013
ISACA International Event
San Francisco, CA, USA
14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.
11 Aug 2014
ISACA International Event
Seattle, WA, USA

Journal Articles: 500 total

Volume 2, 2015
by Marcelo Hector Gonzalez, CISA, CRISC, and Jana Djurica
There are a number of definitions of Internet of Things (IoT), with all of them having slightly different meanings.
Volume 2, 2015
by Fredric Greene, CISSP
Selected processes from the COBIT 5 framework can improve the effectiveness of enterprise security in an organization.
Volume 2, 2015
by Larry G. Wlosinski, CISA, CISM, CRISC, CAP, CBCP, CDP, CISSP, ITIL V3
Information security events that affect cloud systems are occurring with no end in sight, so it should be no surprise that the cloud should be treated as a nonsecure environment with numerous threats and concerns.
Volume 2, 2015
by Kerry A. Anderson, CISA, CISM, CGEIT, CRISC, CCSK, CFE, CISSP, CSSLP, ISSAP, ISSMP
One of the biggest budget busters for an information security program is technology solutions that are not a good match for the organization.
Volume 2, 2015
by Mauricio Rocha Lyra, Ph.D., COBIT Foundation, CTFL, ISO 20000, ITIL, MCSO, OCUP, PMP, RUP and Jose Carlos Ferrer Simoes
The transformations experienced by organizations due to technological advances have made information, arguably, an enterprise’s most valuable asset.
Volume 1, 2015
by Seemant Sehgal, CISA, CISM, BS7799 LI, CCNA, CEH, CIW Security Analyst, SABSA
Over the past few decades, cybersecurity has gained pivotal importance in the way businesses operate and survive in their value systems.

Wikis: 2 total

Blog Posts: 101 total

Data Privacy in today's world has crossed over from a requirement dependent on one agency or organization to be the global phenomenon.  Today the data traverses across the countries as well as continents at the speed unimaginable in past. In a flash of se...
Posted By : Mayank | 0 comments
I saw Garry at the Sydney Chapter’s successful Strategic Planning event in July 2014.  He was animated and gregarious during the evening’s cocktail event and it felt good to see him again and catch...
Posted By : Rob Hanson | 0 comments
If you are still using Excel for your governance, risk and compliance Maclear eGRC Suite™ have put together a whitepaper to help you understand the benefits of automation and what to look for when selecting your solution. IT GRC Whitepaper includes: 1...
Posted By : SHAMU2015 | 0 comments
In a fast changing world of business and relentless competition, strategic planning is not only critical, but also the differentiating factor for an organization. Since IT has moved from a supportive role to a more strategic role, the IT Strategic Planning an...
Posted By : SA | 0 comments
Telecoms in Uganda have busted a huge fraud scheme perpetuated by an international gang of criminals. This is how it was done: Fraudsters travel from abroad and buy local SIM cards of the different telecoms. In Uganda, the fraudsters bought SIM cards of all...
Posted By : Mustapha345 | 0 comments
Infosec community celebrates new versions of ISO 27001:2013 and ISO 27002:2013. Worth to look at: http://blog.iso27001standard.com/2013/10/08/infographic-new-iso-27001-2013-revision-what-has-changed and everyone should read the story of genesis of ISO 270...
Posted By : Vilius | 1 comments