The InfoSec Blog

The InfoSec Blog

System Integrity: Context Is Everything

  • About The Author
  • Master Index
  • Presentations
  • System Integrity

Month: March 2012

March 31, 2012

Help on ISO-27000 SoA

This kind of question keeps coming up, many people are unclear about the Statement of Applicability on ISO-27000. The  SoA should outline the measures…

March 24, 2012

Surely compliance is binary?

Call me a dinosaur (that’s OK, since its the weekend and dressed down to work in the garden) but … Surely COMPLIANCE is a…

March 23, 2012

Social Engineering and sufficency of awareness training

Someone asked: If you have a good information security awareness amongst the employees then it should not a problem what kind of attempts are…

March 22, 2012

Orwell: a quarter of a century late

http://hdguru.com/is-your-new-hdtv-watching-you/7643/ well 28 years actually … So, the two-way tv sets of Orwell’s novel have arrived, over a quarter of a century late! It…

March 18, 2012

About ISO 27001 Risk Statement and Controls

On the ISO27000 Forum list, someone asked: I’m looking for Risk statement for each ISO 27k control; meaning “what is the risk of not…

March 7, 2012

The 19 most maddening security questions | Security – InfoWorld

http://www.infoworld.com/d/security/the-19-most-maddening-security-questions-187983 An interesting list, since it covers issues of public structural security. I recall reading that the greatest contribution to the health of individuals…

March 6, 2012

Naval War College uses Russian software for iPad course material

http://www.nextgov.com/nextgov/ng_20120305_6368.php The Navy’s premier institution for developing senior strategic and operational leaders started issuing students Apple iPad tablet computers equipped with GoodReader software in…

Availability

I am currently available to offer InfoSec & GRC audit and consulting services through my company - System Integrity

Popular Pages

  • The Classical Risk Equation
  • Separation of Duties: Infosec, IT and Audit
  • “Cybercrime” is still Crime and “Cyberfraud” is still Fraud
  • Risk Analysis makes no sense … Does it?
  • Are *you* ready to give up yet?
  • Why InfoSec Positions go unfilled
  • Security
  • Risk
  • ISO27K
  • Rants and Raves

Categories

Archives

Calendar of Posts

March 2012
M T W T F S S
 1234
567891011
12131415161718
19202122232425
262728293031  
« Feb   Apr »

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Security Links

  • Schneier on Security
  • Gary Hinson
  • Martin McKeay
  • The Security Team
  • DHS Daily Report
  • SANS Security Alerts
  • Brian Krebs
  • Stupid Security
  • Kill-HUP.com
  • Bruce Schneier
Copyright The InfoSec Blog. All rights reserved. | Powered by WordPress & Writers Blogily Theme