Category Archives: Risk Management

Report on Cybersecurity Black Market, by RAND and Juniper

RAND has published an interesting report on the cybersecurity black market. The report, “Markets for Cybercrime Tools and Stolen Data”, was sponsored by Juniper (direct link to PDF). This report is good reading for any security professional, worth to …

Posted in Cloud Security, Cybersecurity, ICT Leadership and Management, Risk Management, Security Management, Security Threats, Security Training, Awareness and Reports

Global State of Information Security Survey, by PwC

The Global State of Information Security Survey by PwC is interesting reading. It contains several questions and answers from various fields of industry. Definitely worth a look.

Posted in ICT Leadership and Management, Risk Management, Security Management, Telecom Security

Risk Management Toolkit for SME

VTT (Technical Research Centre of Finland) is coordinating a risk management forum via the PK-RH web site. The forum is shared by many stakeholder organizations. The Risk Management Toolkit is introduced on the PK-RH main page. The toolkit contains various tools: Booklets: …

Posted in Risk Management, Security Management, Security Training, Awareness and Reports

ISO Standards, Risk Management and Information Security Vocabularies

There are different vocabularies for Information Security. One good reference for Risk Management is ISO Guide 73 from 2009. For Information Security, one should look at ISO 27000 from 2009. Unfortunately, these standards are not free. For free vocabulary, it is …

Posted in ICT Terminology, ISO, Risk Management, Security Terminology, Security Training, Awareness and Reports

HMG IA Standard No.1 – Technical Risk Assessment (2009)

Several Risk Assessment methods exist in addition to the related ISO standards. This one from the UK government also contains a worked example. It is worth a quick look. Document “HMG IA Standard No.1 – Technical Risk Assessment – …

Posted in ICT Leadership and Management, Risk Management, Security Standardization and Practises

2011 Data Breach Investigations Report by Verizon

The DBIR is a must-see for anyone working in information security. The 2011 report is available here.

Posted in Risk Management, Security Management, Security Training, Awareness and Reports