Category Archives: Security Training, Awareness and Reports

Security-related awareness, training and reports, including learning sources and events.

Annual Global Security Report, by Trustwave

Trustwave maintains the annual report on its Global Security Report page. The content of the 2014 report is well presented and structured, and easy to read (without long, heavy sentences). Definitely worth a look. One example page is … Continue reading

Posted in Security, Security Incidents and Cases, Security News, Security Training, Awareness and Reports

POS malware, some links to material

An increasing number of attacks have been carried out against Point of Sale devices and systems. There are several good overviews and materials on this topic, and they reveal details of the techniques used in these targeted attacks. Main sources PoS … Continue reading

Posted in Risk Management, Security Incidents and Cases, Security Management, Security News, Security Threats, Security Training, Awareness and Reports

Data Breach reports, by ITRC

Identity Theft Resource Center (ITRC) has been tracking security breaches since 2005, looking for patterns, new trends and any information that may better help us to educate consumers and businesses on the need for understanding the value of protecting personal … Continue reading

Posted in ICT, Security Incidents and Cases, Security Threats, Security Training, Awareness and Reports

Privacy Impact Assessment

For good information sources on Privacy Impact Assessment (PIA), please have a look at ico.org.uk’s PIA page and the guide “Conducting privacy impact assessments code of practice”. Steps: Identify the need for a PIA; Describe the information flows; Identify the privacy … Continue reading

Posted in ICT Regulation, Privacy, Security Management, Security Training, Awareness and Reports

Publicly available ISO standards: security & privacy related

It is good to know that some freely available ISO standards are related to security and privacy (Reference: Publicly Available Standards). For example, ISO 27000 and ISO 29100 are freely available. Security Management: ISO 27000 Information security management systems – … Continue reading

Posted in Security Management, Security Standardization and Practises, Security Terminology, Security Training, Awareness and Reports

Report on Cybersecurity Black Market, by RAND and Juniper

RAND has published an interesting report on the cybersecurity black market. This report, “Markets for Cybercrime Tools and Stolen Data”, was sponsored by Juniper (direct link to pdf). This report is good reading for any security professional, worth to … Continue reading

Posted in Cloud Security, Cybersecurity, ICT Leadership and Management, Risk Management, Security Management, Security Threats, Security Training, Awareness and Reports

Outlook tip: Avoid email sending mistakes by rules and categories

It is a common mistake to send an email to someone unintentionally, for example by quickly replying to an internal email without realizing that external recipients were included in the distribution list. This blog is about avoiding … Continue reading

Posted in Security Training, Awareness and Reports, Tips