Tag
ISO/IEC 27552 will be published in July 2019 as an extension ti ISO/IEC 27001 and ISO/IEC 27002. This standard is ISO's response to integrating Information Privacy Management Systems to existing Information Security Management Systems based on ISO/IEC 27001 in order to insure compliance with data privacy regimes such as the…
The Story of Daniel Seid, a PECB Certified ISO/IEC 27001 Master Looking back over the last decade, it’s remarkable how much PECB’s network has achieved and advanced professionally. Such advancement is not only a result of our training development and deliverables, but also of the ways by which we’ve been…
In late April this year, Facebook announced that it has set aside $3 to $5 billion to negotiate a settlement agreement with the US Federal Trade Commission over a complaint of mishandled users’ personal data, which emerged in light of to the Cambridge Analytica scandal in March 2018. The company’s…
Estonia is known as a pioneer in building e-country solutions. Some examples are e-government solutions, e-identity, e-voting, etc. My intention is to add to this list cybersecurity-related solutions, based on the fact that Estonia holds the number one position on the National Cyber Security Index (NCSI) ranking. I am not…
A politically inclined attack or just a ‘simple’ lack of security awareness? Whatever the case, the cyber-attack that hit Marriott was huge. This was the joint second largest data breach to take place, after Yahoo in 2013 and Equifax in 2017. A cyber attacker stole personal information including names, emails,…
We are all talking about the future of jobs. But the question that we should perhaps ask, the most essential one, is: How should those jobs look like (or what should those jobs be)? With the evolution of the nature of the job market, we are facing new realities and…
South Africa has a mature history of implementing management systems for key areas, specifically Quality, Environment and Health & Safety. This focus was driven by the large multinational organizations and the historically strong South African Mining industry which either were compelled to by regulatory or contractual drivers or did so…
Introduction Let us start with defining the following important terms; Backup, Information Security, and Information Assurance Backup In Information Technology, a backup is defined as a process of copying and archiving computer data that can be used to restore the original data after the occurrence of a data loss event…
Turning security assumptions around and have them work for you in agile. While agile development is going mainstream, information security is having difficulties to keep pace. The result of this struggle is that new systems are insecure, or that they are loaded with point solutions for security. What is so…
Securing critical business information has become increasingly important for growing organizations. Information Security Policies are effective tools to communicate management’s commitment and expectations from employees and stakeholders regarding security. The purpose of this article is to provide an overview of information security polices, including their objective, types, and development lifecycle.…
