Category Archives: Security

IT Law wiki, ICT related encyclopedia

IT Law wiki is a good complement to Wikipedia, and its content is more specific to ICT. Comparison “IT Law wiki” <-> Wikipedia (IT Law wiki / Wikipedia): Cybercrime / Cybercrime; Surveillance / Surveillance; Policy …


Application Security Weaknesses, OWASP Top 10

OWASP (Open Web Application Security Project) maintains a top 10 list of the most common application vulnerabilities/weaknesses: Injection; Broken Authentication and Session Management; Cross-Site Scripting (XSS); Insecure Direct Object References; Security Misconfiguration; Sensitive Data Exposure; Missing Function Level Access Control; Cross-Site …


Updated ISO 27000, 27001 and 27002

The most important Information Security Management standard has been updated: 27000:2012 Overview and vocabulary (download); 27001:2013 Requirements; 27002:2013 Code of practice for information security controls. Other links: The new version of ISO/IEC 27001:2013 is here; Transition Guide; Mapping Guide 27001:2013 …


EU Directive 2013/40/EU on attacks against information systems

There is a new EU Directive, 2013/40/EU, which defines the following as offences: Illegal access to information systems; Illegal system interference; Illegal data interference; Illegal interception; Tools used for committing offences. Transposition: Member States shall bring into force the laws, regulations …


Good to Know, Critical Controls for Effective Cyber Defense

Often referred to as the “SANS Twenty Critical Security Controls for Effective Cyber Defense”, this is a collection of controls which are believed to have the greatest impact in improving risk posture against real-world threats. There is no shortcut or “miracle medicine” when …


Avira Free Antivirus, Tool for basic protection

There are several different antivirus programs on the market. One of the free alternatives is Avira. One can configure the real-time scan mode (reading/writing), update frequency, etc. Plus: Simple GUI; No learning curve. The scan mode settings might slow down …


Global Information Security Workforce Study, by ISC2

ISC2 publishes a yearly “Global Information Security Workforce Study” in co-operation with Frost & Sullivan. The 2013 revision is available here. It provides several graphics, so it is easy to browse through the material. There is also a short …
