Category Archives: Security Management

Common Sense Guide to Mitigating Insider Threats

The Software Engineering Institute has published the latest revision of the “Common Sense Guide to Mitigating Insider Threats”. It is good reading for any security manager, and provides 19 practices that each organization should implement. Definition: Malicious insider is defined as …

Posted in Security Management, Security Standardization and Practises, Security Training, Awareness and Reports

2012 Global Information Security Survey, by Ernst & Young

Ernst & Young has published their latest survey, “2012 Global Information Security Survey”. This is a good information source. On the report page, there is an interactive tool to see some of the results. Below, 2 such examples are shown …

Posted in ICT Leadership and Management, Security Management, Security Training, Awareness and Reports

Information Security Breaches survey 2013 (UK), by PwC

BIS has published the latest security breaches survey. Again, in addition to other reports, it is worth a look. About BIS: The Department for Business, Innovation & Skills (BIS) is the department for economic growth. The department invests …

Posted in ICT Business, ICT Leadership and Management, Security Management, Security Training, Awareness and Reports

ENISA Threat Landscape

ENISA has published (Jan 2013) a report called Threat Landscape. It is good reading for seeing the current trends… The ENISA Threat Landscape provides an overview of threats, together with current and emerging trends. It is based on publicly available …

Posted in ENISA, ICT Leadership and Management, Security Management, Security Threats, Security Training, Awareness and Reports

Annual IT Barometer, by Finnish Information Processing Association

The annual IT barometer is a good source of information for anyone interested in the significance and utilization of IT. The annual IT barometer of the Finnish Information Processing Association studies the significance of IT for the executives of Finnish companies. We …

Posted in ICT Business, ICT Leadership and Management, Security Management, Security Training, Awareness and Reports

Cyber risk reports by HP

HP has published the latest revision of their report, available via the Security Intelligence and Risk Management page. The HP 2012 Cyber Risk Report is an annual collaboration among groups within HP Enterprise Security Products that gives organizations a view into …

Posted in Cybersecurity, Security Incidents and Cases, Security Management, Security Training, Awareness and Reports

Flow diagram of payment card data, or personal data, in the cloud

The recent PCI DSS Information Supplement “PCI DSS Cloud Computing Guidelines” emphasizes the same message as earlier guidelines like the ISO standard “29100 Privacy Framework”, NIST SP 800-122: Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) NIST SP 800-122: …

Posted in Cloud Security, Privacy, Security Management, Security Standardization and Practises, Security Training, Awareness and Reports