Category Archives: Security Certifications

Both for individuals and companies.

Process reference model (PRM) for ISMS (ISO 27001)

ISO TS 33052:2016 “Process reference model (PRM) for information security management” is an interesting document which can be useful when evaluating the possible ways to implement the information security management system (ISMS) processes (see ISO 27001 ISMS requirements). This Technical … Continue reading

Posted in Security Certifications, Security Management, Security Standardization and Practises

Cyber essentials

The Cyber Essentials scheme is one of the actions under the UK Government policy “Keeping the UK safe in cyber space”. The Cyber Essentials scheme has been developed by Government and industry to fulfil two functions. It provides a clear statement … Continue reading

Posted in Cybersecurity, ICT Regulation, Risk Management, Security Certifications, Security Standardization and Practises

True Cost of Compliance, by Ponemon & Tripwire

Ponemon Institute has created a report, commissioned by Tripwire, about the cost of compliance. This is good material for any security manager to look at. Ponemon Institute and Tripwire Inc. conducted The True Cost of Compliance research to determine the full … Continue reading

Posted in Security Certifications, Security Management, Security Training, Awareness and Reports

McAfee’s Risk and Compliance Outlook Report

This report produced by McAfee is interesting reading for a view on risk and compliance challenges within companies. McAfee retained Evalueserve to conduct an independent assessment of the factors organizations that use risk and compliance products face in 2012. This … Continue reading

Posted in ICT Leadership and Management, Security Certifications, Security Management, Security Standardization and Practises, Security Training, Awareness and Reports

Verizon’s Payment Card Industry Compliance Report

Verizon’s Payment Card Industry Compliance Report 2011 is available. It is good material to look at if one wishes to have a view on PCI status. This report analyzes findings from actual Payment Card Industry (PCI) Data Security Standard (DSS) assessments … Continue reading

Posted in ICT Leadership and Management, Security Certifications, Security Management, Security Standardization and Practises, Security Training, Awareness and Reports

Common Criteria, main links

Wikipedia: Common Criteria is a framework in which computer system users can specify their security functional and assurance requirements, vendors can then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products … Continue reading

Posted in ISO, Security Certifications, Security Standardization and Practises, Security Training, Awareness and Reports

Security Certification directory

The CSO Online article “The Security Certification Directory” contains a good list on this subject. The directory is divided into categories: Information Security certifications, like Certificate of Cloud Security Knowledge; Certified Information Systems Professional, CISSP; Global Information Assurance Certification (GIAC); Certified … Continue reading

Posted in Security Certifications, Security Management