Cyber Security Archive
More and more organizations are looking for guidance on implementing and certifying to ISO 27001. But what exactly is ISO 27001? What does it require? Many clients with an IT or technical background expect a list of security controls – …
What is the CMMC (Cybersecurity Maturity Model Certification)? The CMMC is a new cybersecurity standard for companies working with the U.S. DoD (Department of Defense) and its data. This framework will serve as a tiered certification scheme to help the …
As data privacy requirements become stricter across all states in the U.S., adoption of the information security standard ISO 27001 is becoming increasingly popular. Compliance with ISO 27001 requires continual monitoring and regular reviews of your ISMS (information security management …
Data breach notification requirements are complex in the US, with various federal and state laws. Many of them contain broad requirements for the circumstances that breaches should be reported and the timeframe for doing so. Indeed, some of these laws …
With 5 million certified professionals, ITIL® is the most widely used ITSM (information technology service management) framework in the world. The latest version – ITIL 4 – was released by AXELOS® in February 2019. It’s a completely new approach to ITSM, and requires practitioners to update their …
Last week your CEO opened an email about chimpanzees in ties trashing an office. You’ve just learned the email contained malware, which has been exfiltrating valuable data to an IP address in Iran. After a brief panic attack, you start …
Let us assume you work for a company based in the U.S. Maybe you’ve heard of the European GDPR (General Data Protection Regulation). Perhaps you even heard about its requirements for cybersecurity and protecting personal information. Then you think to …
Have you ever wondered whether your organization should become certified to ISO 27001? ISO 27001 provides the specification for an effective ISMS (information security management system) – a framework that offers a structured, comprehensive approach to managing information security risks. …
Information security management remains a serious issue for the legal sector, with law firms reporting an increase in targeted attacks in 2018. Large volumes of client funds and confidential information are irresistible to cyber criminals, so it is unsurprising that …
Completing a risk assessment is often the most challenging and difficult aspect of an ISO 27001 project. Regardless of the tools you use, the risk assessment must take into account many elements, such as assets, threats, vulnerabilities, and controls, and …
