Tags » Information Security
Part V: Requirements 4. Malware protection, and 5. Patch management
Malware protection software is a necessary cyber security requirement. We all have knowledge of malware threats in one form or another and experience teaches us to be wary of certain links and email attachments. 1,647 more words
Requirement 2. Secure configuration, and 3. User access control
The second Cyber Essentials Requirement references ‘secure configuration’. At this point, I am reminded of The Security Configuration Benchmarks that are distributed free of charge to propagate their worldwide use and adoption as user-originated, de facto standards. 1,790 more words
Technical Requirements for Basic Protection from Cyber Attack
Standardised approaches to cyber security will be a feature of the IT world in 2015 and beyond. There’s simply too much cyber crime and hostile activity on the part of rogue Governments opposed to the Western dominance economically and geo-politically to ignore the problem – even if red tape and tick boxes are not what the ‘deregulators’ say they want. 1,451 more words
Does Cyber Essentials involve any form of Risk Assessment?
A question that I posed to BIS and GCHQ at the ISO27001 User Group in August this year. 1,219 more words
What is the Cyber Essentials Scheme – and will Business buy in?
The Jury is assembling. What will businesses make of the UK Government’s ideas on cyber security controls, and is Cyber Essentials worth the cost? 1,393 more words
Documentation Requirements set out in ISO/IEC 27001:2013
For those of you who are currently ‘transitioning’ to the 2013 version of ISO27001, and who want to keep any additional workload down to a bare minimum, let’s start with the optimistic news: No changes should be required to your existing documented procedures concerning control of documentation. 1,176 more words