Blogs about: Information Security Management
Featured Blog
The Stuff Information Systems are Made Of
There are quite a few Turing-complete computer models, among them: Busy Beaver Random Access Stored Program Machine Counter Machine Von Neumann Architecture There are two reasons for using a informati… more →
Information Security Management Maturity Model
Information security strategy
Hrvoje Pernar wrote 1 day ago: Have you ever googled „information security strategy“? Try it yourself and see the results. What you … more →
Information security objectives / goals
Hrvoje Pernar wrote 1 month ago: What is an information security objective or goal? Could you state that your organisation’s in … more →
Definition of information security
Hrvoje Pernar wrote 1 month ago: According to wikipedia, information security means „protecting information and information systems f … more →
Information Security Management Workshop - TicketCounters.com
— 2 comments
radiantsystems wrote 5 months ago: Since, India is aspiring to be a Knowledge Superpower and importance of Information Security is imme … more →
Security Metrics
vaceituno wrote 5 months ago: A metric is a quantitative measurement that can be interpreted in the context of a series of previou … more →
Como roubar senhas pela corrente elétrica - INFO Online - (13/07/2009)
iberelrj wrote 5 months ago: Essa eu gostaria de ver funcionando… No momento duvido muito que seja possível Como roubar sen … more →
The Stuff Information Systems are Made Of
— 1 comment
vaceituno wrote 5 months ago: There are quite a few Turing-complete computer models, among them: Busy Beaver Random Access Stored … more →
Return On Security Investment
— 4 comments
vaceituno wrote 5 months ago: The information security industry recognizes both the necessity and the difficulty of carrying out a … more →
How secret is a secret?
vaceituno wrote 5 months ago: When a few know something and want to keep others from learning, that’s a secret. Everyone has secre … more →
Beyond authentication, authorization and accounting
— 3 comments
vaceituno wrote 8 months ago: A very common oversimplification of access control is: “authentication, authorization and acco … more →
Management level threats
— 1 comment
vaceituno wrote 8 months ago: A threat causes harm sometimes helped by a weakness, sometimes impeded by a countermeasure. A threat … more →
Business Modelling for Security
vaceituno wrote 8 months ago: One of the first steps for a new ISMS implementation project is finding out what would be the ISMS b … more →
Audit Standards vs Management Standards
— 1 comment
vaceituno wrote 8 months ago: Alex Hutton makes an interesting point in his post “There’s nothing wrong with the PCI DSS … more →
ISM3 v2.3 published
— 5 comments
vaceituno wrote 8 months ago: The main novelties are: Capability is not subjective any more. It depends on what types of metrics a … more →
The dangers of narrow scopes of applicability
vaceituno wrote 8 months ago: Accreditation of an ISMS can give you several choices. One choice is your Risk Assessment method, an … more →
Security Requirements Checklist
vaceituno wrote 9 months ago: This is a nearly comprehensive list of questions than help plan for the protection of a business sy … more →
What is ISM3 good for?
vaceituno wrote 9 months ago: There are several ways to take advantage of ISM3: For someone who is using ISO9001: Build your ISMS … more →
there is more to information security management than risk assessment and audit
— 1 comment
vaceituno wrote 11 months ago: Most ISMS standards emphasize Risk Assessment and Audit. These management practices leave other info … more →
The first cuckoo - predictions for 2009
wirszycz wrote 1 year ago: George O’Connor, the prolific analyst at Panmure Gordon is brilliant at finding relatively obscure y … more →
