Notice Bored

APRIL 20, 2022

When you acquire or provide professional services, how do you address the associated information risks? Professional services are information-centric: information is the work product , the purpose, the key deliverable.

Risk 72

Risk Energy and Utilities Computers and Electronics Telecommunications 72

Notice Bored

JUNE 23, 2022

Design plan' hints at the organisation having developed an information risk and security architecture. The expansive German infosec standard IT-Grundschutz talks of the RTP in terms of a project plan. Good move, although personally as a fan of security engineering I'd have preferred an explicit mention and further guidance on that.

Risk 63

Risk Architecture Accountability InfoSec 63

Notice Bored

MARCH 14, 2022

Controls against fraud perpetrated by insiders (managers or staff), partners, outsiders/unknown parties, and potentially several (collusion) is another weak area in the standard. Oversight, for instance, is a valuable control (or rather, a cloud of related controls) that is almost universally applicable.

Risk 66

Risk Information Security Surveillance Architecture 66

ForAllSecure

MAY 2, 2023

I’m Robert Vamosi and in this episode I’m talking about online criminal investigations conducted by someone who is inside the infosec community, and how your social media posts -- no matter how good you think you are about hiding -- can reveal a lot about your true identity. Daniel, he keeps a low profile. CLEMENS: I do.

Hacking 40

Hacking Media InfoSec Internet 40

eSecurity Planet

DECEMBER 19, 2023

Ricardo Villadiego, founder & CEO of Lumu , expects “a significant shift towards adopting models based on passwordless architectures like Google Passkeys as the dominant authentication method to combat phishing and scam campaigns.

Cybersecurity 140

Cybersecurity CISO Government Technology 140