Category Archives: Security Certifications

Both for individuals and companies.

Survey of ISO certifications, results for 2015

ISO conducts surveys on the number of ISO certifications, and they are worth a look 🙂 The table below is taken from the executive summary. There are also Excel files available for each ISO standard that show certifications per …


Process reference model (PRM) for ISMS (ISO 27001)

ISO TS 33052:2016 “Process reference model (PRM) for information security management” is an interesting document which can be useful when evaluating the possible ways to implement the information security management system (ISMS) processes (see ISO 27001 ISMS requirements). This Technical …


Cyber essentials

The Cyber Essentials scheme is one of the actions under the UK Government policy “Keeping the UK safe in cyber space”. The Cyber Essentials scheme has been developed by Government and industry to fulfil two functions. It provides a clear statement …


True Cost of Compliance, by Ponemon & Tripwire

Ponemon Institute has created a report, commissioned by Tripwire, about the cost of compliance. This is good material for any security manager to look at. Ponemon Institute and Tripwire Inc. conducted The True Cost of Compliance research to determine the full …


McAfee’s Risk and Compliance Outlook Report

This report produced by McAfee is interesting reading for anyone who wants a view of the risk and compliance challenges within companies. McAfee retained Evalueserve to conduct an independent assessment of the factors organizations that use risk and compliance products face in 2012. This …


Verizon’s Payment Card Industry Compliance Report

Verizon’s Payment Card Industry Compliance Report 2011 is available. It is good material to look at if one wishes to have a view of PCI status. This report analyzes findings from actual Payment Card Industry (PCI) Data Security Standard (DSS) assessments …


Common Criteria, main links

Wikipedia: Common Criteria is a framework in which computer system users can specify their security functional and assurance requirements, vendors can then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products …
