Recent Discussions

Should we trust analysts’ reports and predictions?

Should we trust analysts’ reports and predictions? If yes, which one, especially in regard to securi...

Dragan Pleskonjic @ 11/29/2017 3:09 PM | Comments (0)

Security Predictions

Is it possible to use crowd-sourced security intelligence to predict future events? For this exercis...

Dragan Pleskonjic @ 11/9/2017 7:33 AM | Comments (4)

Software Integrity Checks

Is it possible to conduct software integrity checks on in-scope components upon start-up or at le...

Chris Sivaprakash Kumanan @ 10/24/2017 12:06 AM | Comments (2)

Cybersecurity Framework

There are many cybersecurity frameworks; from NIST CSF to ISO 27001 and CobIT, etc. I am trying to g...

rbrenis @ 6/27/2017 12:12 PM | Comments (0)

Research on Information Security Management Systems standards and frameworks

Hi, Recently I am carrying out a research on ISMS standards and frameworks. The primary aim of my re...

KAI720 @ 6/14/2017 9:11 AM | Comments (2)

Ransomware-as-a-service

http://searchsecurity.techtarget.com/news/450417110/Cheap-ransomware-as-a-service-arrives-for-malic...

Derrick030 @ 4/20/2017 7:55 AM | Comments (0)

Security Conference Value to CISO

http://searchsecurity.techtarget.com/answer/Are-cybersecurity-conferences-valuable-to-CISOs?utm_con...

Derrick030 @ 4/19/2017 8:27 AM | Comments (0)

IoT in HR quantifying employees

http://www.foxbusiness.com/features/2017/03/15/internet-things-in-hr-quantifying-employees.html

Derrick030 @ 4/18/2017 12:41 PM | Comments (0)

Microsoft – Fastest growing Cyber Security Company

Most often, cyber security professionals make fun of Microsoft products until a few years ago. Its du...

rasoolirfan @ 3/21/2017 1:49 AM | Comments (0)

A Better Solution to Passwords?

Interesting article yesterday about what Google is trying as an alternative to passwords. While wel...

Theodore817 @ 5/25/2016 7:03 AM | Comments (3)

LinkedIn - Fake Profiles

There are a significant number of fake profiles on LinkedIn with the tactics being used continually...

Phil Green @ 1/9/2016 6:40 AM | Comments (1)

CyberSecurity 65 Essential Privacy Questions to ask your service provider

Privacy Impact Assessment Questionnaire: The following questionnaire has been designed to assist the pr...

Mark E.S. Bernard @ 12/30/2015 9:24 AM | Comments (5)

11 Essential security processes for effective CyberSecurity Program

CyberSecurity 11 Essential practices • Governance • Risk Management • Compliance Management • Vulnerabi...

Mark E.S. Bernard @ 12/30/2015 9:16 AM | Comments (3)

Top 10 Predictions for 2016 CyberSecurity

Top 10 Predictions for 2016 • More government and commercial organizations are going to be breached. • M...

Mark E.S. Bernard @ 12/30/2015 9:01 AM | Comments (1)

Data Breaches - This time it's personal!

Although not 100% perfect, this article gives an extremely good overview of what is happening, the...

Phil Green @ 12/16/2015 2:11 AM | Comments (0)

RE: Security Predictions

I predict that 20% of firms will be 100% PCI DSS compliant with TLS 1.0 and Weak Cryptography by 30...

Don Turnblade @ 11/30/2017 1:00 PM

RE: Security Predictions

If Certificate Trust Issues are ignored, the Qualys: https://ssllabs.com/ssltest/ gives the website...

Don Turnblade @ 11/30/2017 12:52 PM

RE: Security Predictions

Good point! Just 13 comments (predictions) there so far. Thanks. Hopefully there will be more.

Dragan Pleskonjic @ 11/22/2017 3:41 PM

RE: Security Predictions

I predict few will go to the unknown website due to security concerns!

Richard521 @ 11/22/2017 3:27 PM

RE: Software Integrity Checks

Wikipedia even has a list of worthy vendors to consider. https://en.wikipedia.org/wiki/File_integri...

Don Turnblade @ 10/26/2017 12:32 PM

RE: Software Integrity Checks

There are many such tools. From the PCI DSS standard these are called FIM (File Integrity Monitoring)...

Don Turnblade @ 10/26/2017 12:26 PM

RE: 11 Essential security processes for effective CyberSecurity Program

I would argue that there is an implied sub-skill that both ISO 31000 and FAIR are pointing at. The ...

Don Turnblade @ 7/6/2017 12:24 PM

RE: Research on Information Security Management Systems standards and frameworks

Thanks, Richard. The survey is closed. 

KAI720 @ 6/29/2017 4:11 AM

RE: 11 Essential security processes for effective CyberSecurity Program

Lists like these can help a lot in the security practice of a firm starting out on their cybersecur...

Richard521 @ 6/28/2017 4:25 PM

I am afraid the survey is closed already

I am afraid the survey is closed already

Richard521 @ 6/28/2017 3:36 PM

RE: Enterprise Security Management System Reference Architecture

Hi Mark, can I invite you to participate in an online survey on ISMS standards and frameworks. online ...

KAI720 @ 6/16/2017 4:18 AM

RE: ISACA Ireland Needs YOU!

Hope you don't mind if I post my online survey here. Recently I am carrying out a research on ISMS ...

KAI720 @ 6/14/2017 9:37 AM

RE: A Better Solution to Passwords?

What does N factor or Statistical authentication mean?

Ramakrishna593 @ 2/22/2017 12:05 AM

Best of breed or single vendor solution?

I was interested in people's view on how they select solutions once they are ready to implement the...

JayMIET927 @ 11/7/2014 5:25 PM | Comments (7)

CyberSecurity 65 Essential Privacy Questions to ask your service provider

Privacy Impact Assessment Questionnaire: The following questionnaire has been designed to assist the pr...

Mark E.S. Bernard @ 12/30/2015 9:24 AM | Comments (5)

Dissecting and Demystifying a Risk Management Program

Risk Management is important to every organization, it allows them to adjust priorities based on ne...

Mark E.S. Bernard @ 4/2/2014 11:08 PM | Comments (4)

EA the new ICFR Framework

The scope and intent of Enterprise Architecture puts it into an ideal situation to leverage for est...

Mark E.S. Bernard @ 2/18/2012 9:15 AM | Comments (4)

Data card security

Hi, How will ensure ISO 27001 compliance in a mobile user dominated environment where most of users ...

Dipti Shroff @ 1/31/2011 10:49 PM | Comments (4)

Outsourcing Security

When outsourcing components of IT, security is one of those areas that normally remains internal to...

SArndt @ 1/25/2014 8:22 AM | Comments (4)

Security Predictions

Is it possible to use crowd-sourced security intelligence to predict future events? For this exercis...

Dragan Pleskonjic @ 11/9/2017 7:33 AM | Comments (4)

Technical Skills No Longer Matter

"Those of us in information technology must begin to acknowledge that our long-term success wi...

Mark E.S. Bernard @ 3/7/2012 6:18 AM | Comments (4)

Trends in Security

Hello everyone, Thank you for participating in this group. The Guidance and Practices Committee is ...

Shannon Donahue @ 10/15/2010 3:11 PM | Comments (3)

11 Essential security processes for effective CyberSecurity Program

CyberSecurity 11 Essential practices • Governance • Risk Management • Compliance Management • Vulnerabi...

Mark E.S. Bernard @ 12/30/2015 9:16 AM | Comments (3)

A Better Solution to Passwords?

Interesting article yesterday about what Google is trying as an alternative to passwords. While wel...

Theodore817 @ 5/25/2016 7:03 AM | Comments (3)

CyberSecurity Validation Change Control

Changes to CyberSecurity software and infrastructure must be documented and validated. This require...

Mark E.S. Bernard @ 8/30/2014 7:15 PM | Comments (2)

CISM needs to Evolve

Changes are due for the CISM. Since 2006 ISACA has made some cosmetic changes by integrating Securit...

Mark E.S. Bernard @ 4/15/2012 10:36 AM | Comments (2)

Software Integrity Checks

Is it possible to conduct software integrity checks on in-scope components upon start-up or at le...

Chris Sivaprakash Kumanan @ 10/24/2017 12:06 AM | Comments (2)

Virtualized Environments

I consider virtualization to be a general technology trend with significant security implications. ...

JasonY @ 10/14/2012 7:09 PM | Comments (2)