Category Archives: Security Management

Microsoft Security Intelligence Report

Security Intelligence Reports are available on the Microsoft site. What is it? The Microsoft Security Intelligence Report provides in-depth perspectives on software vulnerabilities in Microsoft and third-party software, exploits, malicious code threats, and potentially unwanted software. The SIR website also includes deep …


2013 TMT Global Security Study, by Deloitte

Deloitte is producing interesting material, for example the 2013 TMT Global Security Study and the related infographic. The updates for 2014 might come at the beginning of the year? Links: Technology, Media & Telecommunications Technology, Media & Telecommunications Predictions 2013 TMT …


IT Law wiki, ICT related encyclopedia

In addition to Wikipedia, the IT Law wiki is a good complementary information site, and its content is more specific to ICT. Comparison “IT Law wiki” <-> Wikipedia (IT Law wiki | Wikipedia): Cybercrime | Cybercrime; Surveillance | Surveillance; Policy …


Application Security Weaknesses, OWASP Top 10

OWASP (Open Web Application Security Project) maintains a top 10 list of the most common application vulnerabilities/weaknesses: Injection; Broken Authentication and Session Management; Cross-Site Scripting (XSS); Insecure Direct Object References; Security Misconfiguration; Sensitive Data Exposure; Missing Function Level Access Control; Cross-Site …


Updated ISO 27000, 27001 and 27002

The most important Information Security Management standard has been updated. 27000:2012 Overview and vocabulary (download); 27001:2013 Requirements; 27002:2013 Code of practice for information security controls. Other links: The new version of ISO/IEC 27001:2013 is here; Transition Guide; Mapping Guide; 27001:2013 …


Good to Know, Critical Controls for Effective Cyber Defense

Often referred to as “SANS Twenty Critical Security Controls for Effective Cyber Defense”, this is a collection of controls which are believed to have the greatest impact in improving risk posture against real-world threats. There is no shortcut or “miracle medicine” when …


Global Information Security Workforce Study, by ISC2

ISC2 publishes a yearly “Global Information Security Workforce Study” in co-operation with Frost & Sullivan. The 2013 revision is available here. It provides several graphics, and therefore it is easy to browse through the material. There is also a short …
