Category Archives: Security Standardization and Practises

ETSI Security Workshop 2012

Material from ETSI Security Workshops is useful for learning and understanding what is happening in the industry. Here are the main links: permanent link to the latest workshop; link to the 2012 workshop; presentations of the 2012 workshop.

Posted in ETSI, ICT Training and Courses, Security Standardization and Practises, Security Training, Awareness and Reports, Telecom Security

ETSI Security Whitepaper 2012

ETSI has published a new revision of its security whitepaper. ETSI in Wikipedia: The European Telecommunications Standards Institute (ETSI) is an independent, non-profit, standardization organization in the telecommunications industry in Europe, with worldwide projection. ETSI has been successful in standardizing … Continue reading

Posted in ETSI, ICT Standards, ICT Training and Courses, Security Standardization and Practises, Telecom Security

Common Criteria, main links

Wikipedia: Common Criteria is a framework in which computer system users can specify their security functional and assurance requirements, vendors can then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products … Continue reading

Posted in ISO, Security Certifications, Security Standardization and Practises, Security Training, Awareness and Reports

BSIMM3, Security Maturity and Software Development

BSIMM3 is a model tool for comparing your maturity against the industry average (earth); see the figure below. BSIMM = The Building Security In Maturity Model. 42 companies have participated in this BSIMM project. Some of the company names are public: Adobe, … Continue reading

Posted in ICT News, Security Standardization and Practises

Asmonia Project, addressing security in Mobile Networks

The ASMONIA Project is an interesting approach to addressing security in mobile networks. For people working in the field, this material is worth a look. ASMONIA = Attack analysis and Security concepts for MObile Network infrastructures, supported by collaborative … Continue reading

Posted in ICT News, Security Standardization and Practises, Telecom Security

Continuous Security Monitoring, new draft by NIST

NIST has produced an interesting set of drafts related to Continuous Monitoring (CM). Continuous Monitoring here can be explained by this sentence: “Continuous security monitoring is a risk management approach to Cybersecurity that maintains a picture of an organization’s security posture, provides … Continue reading

Posted in Cybersecurity, ICT News, NIST, Security Standardization and Practises

ISO 27001 Training videos

There is a nice set of videos about ISO 27001, presented by Martin Dion. Worth watching! The three videos available are: ISO 27001 January Training: Introduction to standards (ISO, NIST, PCI etc); ISO 27001 February Training Information Security Roles and Responsibilities; ISO 27001 … Continue reading

Posted in ISO, Security Standardization and Practises, Security Training, Awareness and Reports