Blogs about: Security Program Development
Featured Blog
More on Staffing and Governance
I been tracking via this blog a good amount of search hits looking for security staffing and governance. Unfortunately when you search there is not much out on the Internet. If anyone is interested … more →
InfoSecAlways.com
More on Staffing and Governance
jtbevis wrote 1 month ago: I been tracking via this blog a good amount of search hits looking for security staffing and governa … more →
Security Survey Polls Added
jtbevis wrote 3 months ago: The polls are open! While visiting this site please check out the new IS Management page and contrib … more →
Authoritative List of Compliance Documents
jtbevis wrote 5 months ago: For anyone looking to find or understand the main key compliance documents across the following indu … more →
Working Toward ISO 17799/27001 Business Continuity Management Compliance
— 1 comment
jtbevis wrote 5 months ago: This document is written with the assumption that the organization follows ISO and has implemented m … more →
IT Security Spending 10% of IT Operating Budget
— 1 comment
jtbevis wrote 9 months ago: 10% of IT budget seems high. It would be nice if someone provided an industry breakdown. I can … more →
The Top Ten Convention Information Security Measures
jtbevis wrote 10 months ago: The Ten Most Important Things That The CSO Of The Republican and Democratic Conventions Should Be Do … more →
Risk Based Security Plan - Whitepaper
jtbevis wrote 1 year ago: This whitepaper has a good overview of key components of a risk based security plan, which have been … more →
Information Security Staffing – Skills Identification and Training Budget
jtbevis wrote 1 year ago: One of the key problems a security manger must tackle is defining the budget for security training. … more →
Disaster Recovery – Alternate Site Geographical Distance
— 1 comment
jtbevis wrote 1 year ago: There is an article that came out earlier from DRJ (Thomas L. Weems) based on a study that provides … more →
New Foundstone Blog
— 1 comment
jtbevis wrote 1 year ago: Its about time! Foundstone Professional Services has been added to the Avert Labs research blog. S … more →
Security Spending - How Much of IT Budget
— 2 comments
jtbevis wrote 1 year ago: There is an article on The Register web site claiming security spending has soared to 20% of the IT … more →
Extreme Social Engineering Paper
— 1 comment
jtbevis wrote 1 year ago: The PhishMe blog on building employee awareness to social engineering tactics was inspiring so I fin … more →
BS 31100 Code of Practice for Risk Management
— 2 comments
jtbevis wrote 1 year ago: The BS 31100 Code of practice for risk management is also out in draft form free to download and rev … more →
BS 25999-2 Business Continuity Management
jtbevis wrote 1 year ago: The BS 25999-2 Specification for business continuity management is out in draft form free to downloa … more →
MTA NYC Explosion: Poor Business Continuity
jtbevis wrote 1 year ago: It’s amazing that after so many disasters and crisis in NYC that the MTA (Metropolitan Transportatio … more →
Good HIPAA - RISK Assessment Topics
— 2 comments
jtbevis wrote 2 years ago: I came across a pretty good list of topics that Auditors ask for in a HIPAA audit. This is usually … more →
Roles & Responsibilities in Policy
— 6 comments
jtbevis wrote 2 years ago: Risk Assessments almost always produce one finding consistently. The finding is lack of roles and r … more →
Writing Effective Policies Part I
— 1 comment
jtbevis wrote 2 years ago: How do you write an effective policy that actually works? A coworker and I recently published a whi … more →
Upcoming Privacy and Security Panel in Las Vegas
— 2 comments
jtbevis wrote 2 years ago: For those who are interested I will be sitting on a panel in Las Vegas on May 22nd. The topic is … more →
Have your say. Start a blog.
See our free features →
An 
Production
