Category Archives: ICT Standards
Survey of ISO certifications, results for 2015
ISO is having surveys about number of ISO certifications, it is worth to have a look 🙂 The table below is taken from the executive summary. There are also excel files available for each ISO standard that shows certifications per … Continue reading
Posted in ICT Leadership and Management, ICT Standards, Security Certifications, Security Management, Security Standardization and Practises, Security Training, Awareness and Reports
Comments Off on Survey of ISO certifications, results for 2015
Converting ISO 27002 into an excel and a graph
ISO 27002 “Code of practice for information security controls” list 144 controls with the same structure for all the controls. If one would like to work on these controls, like reusing them in another documentation or doing a presentation etc, … Continue reading
Posted in Anvanced Tools, DIY, ISO, Security Standardization and Practises, Tips, Tools
Comments Off on Converting ISO 27002 into an excel and a graph
STIX, Structured Threat Information eXpression, by Mitre
Structured Threat Information eXpression STIX is a collaborative community-driven effort to define and develop a standardized language to represent structured cyber threat information. STIX Use Cases STIX sample This is from the training material. From samples page: STIX Tree Viewer … Continue reading
Posted in ICT, ICT Standards, Security Incidents and Cases, Security Standardization and Practises, Security Threats
Comments Off on STIX, Structured Threat Information eXpression, by Mitre
Indicators of Compromise, OpenIOC and CyBOX
Indicator of compromise IOC IOC in computer forensics is an artifact observed on a network or in operating system that with high confidence indicates a computer intrusion. Typical IOCs are virus signatures and IP addresses, MD5 hashes of malware files … Continue reading
Posted in ICT, ICT Standards, Security Incidents and Cases, Security Standardization and Practises, Security Threats
Comments Off on Indicators of Compromise, OpenIOC and CyBOX
internet evolution slide, by ETSI
The following “Internet evolution” drawing has been on the different slides in ETSI workshops. It can be found in slide 4 in the M2M architecture overview presentation. It nicely compares “Internet of content”, “Internet of services”, “Internet of people” and … Continue reading
Posted in ETSI, ICT, ICT Terminology, ICT Training and Courses
Comments Off on internet evolution slide, by ETSI
Cloud Service Level Agreement Standardisation Guidelines, by C-SIG (europe)
Interesting document “Cloud SLA standardization guidelines” is available at the Digital Agenda for Europe site. The work has been done by the C-SIG (Cloud Select Industry Group) subgroup, and they are contributing this as input for the new standard ISO/IEC … Continue reading
Posted in Cloud Standards, ICT Leadership and Management, ICT Standards, Privacy, Security Standardization and Practises
Comments Off on Cloud Service Level Agreement
Standardisation Guidelines, by C-SIG (europe)
Updated ISO 27000, 27001 and 27002
The most important Information Security Management standard has been updated. 27000:2012 Overview and vocabulary download 27001:2013 Requirements 27002:2013 Code of practice for information security controls Other Links The new version of ISO/IEC 27001:2013 is here Transition Guide Mapping Guide 27001:2013 … Continue reading
Posted in ICT News, ICT Standards, ISO, Security Management, Security News, Security Standardization and Practises
Comments Off on Updated ISO 27000, 27001 and 27002