Information Security Learn Path at Enterprise World

OpenText Information Management

Security has become job #1 for every organization and that’s especially true when it comes to Enterprise Information Management (EIM). It will extend …

Workshop on the Economics of Information Security

Schneier on Security

Last week, I hosted the eighteenth Workshop on the Economics of Information Security at Harvard. Ross Anderson liveblogged the talks.

What is an information security policy?

IT Governance

It’s widely accepted that people are the weakest part of any organisation’s security defences. That’s why information security policies are arguably the most important part of an organisation’s defence. What do information security policies do?

What are the best books on information security?

IT Governance

As the risk of suffering a data breach continues to increase, information security has become a critical issue for all organisations – especially as the GDPR prescribes large administrative fines for organisations that fail to appropriately secure the personal data they process.

5 information security policies your organisation must have

IT Governance

Information security policies are essential for tackling organisations’ biggest weakness: their employees. Everything an organisation does to stay secure, from implementing state-of-the-art technological defences to sophisticated physical barriers, relies on people using them properly.

The anatomy of effective information security management

IT Governance

With the ever-increasing risks faced by every UK organisation from cyber crime, there is significantly increased pressure on every information security manager to deliver effective security. Build your knowledge and skills in information security management.

Priceless advice for information security managers

IT Governance

As an information security manager, you enter each day not knowing what it may bring, in spite, perhaps, of having a well-formed plan or at least a to-do list. Physical security. Managing information security in an uncertain world.

Physical Fails for Information Security and Privacy

IG Guru

August 7, 2018. Hosted by Rebecca Herold. Guest: Andrew Ysasi. Episode description: This episode covers a problem as bad today as it was decades ago and in many ways worse.

GDPR compliance and information security: reducing data breach risks

IT Governance

But despite organisations’ focus on this part of the Regulation, many still aren’t sure what effective security looks like or how they should achieve it. ISO 27001 is the international standard for creating and maintaining an ISMS (information security management system).

Does Information Security Have a Future?

IG Guru

Buitron, DCS, MSIA, CISSP, MCSE Even though the apparent and hopeful answer to the title question is ‘yes, information security does have a future,’ several challenges affect the future of information security, now commonly called InfoSec or cybersecurity.

How to create an information security policy

IT Governance

ISO 27001 says that you must document an information security policy. What is an information security policy? An information security policy is one of the mandatory documents outlined in Clause 5.2 Key elements of your information security policy.

Kick-start your career in information security management

IT Governance

If you’re looking to develop a career in information security, the CISMP training course is a great starting point. It provides a broad introduction to information security management upon which more technical qualifications can be built.

How to document your information security policy

IT Governance

With cyber security affecting businesses worldwide, it is important that all organisations have a policy in place to state and record their commitment to protecting the information that they handle. First, what is an information security policy?

How CISMP can help your information security career

IT Governance

A career in information security management is very alluring: it’s rewarding, there’s a high demand for skilled professionals and it comes with a generous salary. All you need to do to get started is gain a Certificate in Information Security Management Principles (CISMP).

Information security and compliance training for the healthcare sector

IT Governance

Furthermore, the sector depends on its workforce to provide vital care, which is only possible when information is shared and available at the point of delivery. and healthcare must address the new DSP (Data Security and Protection) Toolkit.

What are the best books on information security?

IT Governance

And with thousands of books on information security, it can be hard to know where to begin. We’ve handpicked the best titles to better equip people looking to advance their careers in information security. Mark Rowe, Professional Security Magazine Online.

5 ways to improve your information security

IT Governance

Organisations are always looking for ways to improve their security posture, but the process is often frustrating. As soon as they secure one weakness, cyber criminals find another one. Here are five essential ways you can keep your organisation secure.

Introducing Behavioral Information Security

The Falcon's View

The focus of the boot camp was around "behavior design," which was suggested to me by a friend who's a leading expert in modern, progress security awareness program management. Suddenly, it occurred to me, "Hey, you know what we really need is a new sub-field that combines all aspects of security behavior design, such as security awareness, anti-phishing, social engineering, and even UEBA." I recently had the privilege of attending BJ Fogg's Behavior Design Boot Camp.

Do you know the difference between cyber security and information security?

IT Governance

You often see people use the terms ‘cyber security’ and ‘information security’ interchangeably. That’s because, in their most basic forms, they refer to the same thing: the integrity and confidentiality of information. Information security.

Your enterprise information security budget is too small

OpenText Information Management

The largest information security and digital risk conference in the world, RSAC 2018, recently descended on the Moscone Center in San Francisco for a packed week on all things cyber security.

Iowa and Nebraska Enact Information Security Laws

Hunton Privacy

Recently, Iowa and Nebraska enacted information security laws applicable to personal information. Iowa’s law applies to operators of online services directed at and used by students in kindergarten through grade 12, whereas Nebraska’s law applies to all commercial entities doing business in Nebraska who own or license Nebraska residents’ personal information. Operators also are prohibited from selling or renting students’ information.

Improve your information security with risk assessment software

IT Governance

A risk assessment is one of the first tasks an organisation should complete when preparing its cyber security policy and programme. vsRisk is an information security risk assessment software tool created by industry-leading ISO 27001 experts.

AusCERT and the Award for Information Security Excellence

Troy Hunt

At the gala dinner last night, without any warning beforehand, I somehow walked away with this: #AusCERT2018 Award for Information Security Excellence goes to @troyhunt @AusCERT 2018 Gala Dinner pic.twitter.com/9lxmwX0tdR — ValdemarJakobsen

I've been at the AusCERT conference this week which has presented a rare opportunity to walk to a major event from my home rather than fly to the other side of the world.

The 5 biggest information security concerns facing organisations

IT Governance

When implementing defences to keep data secure, organisations should rightly put a lot of effort into preventing external actors penetrating them, but as the 2018 BCI Horizon Scan Report reminds us, there are many other things to prepare for.

How OpenText Information Security employees prevent cybersecurity threats

OpenText Information Management

The Equifax breach disclosed in September 2017 validates why Information Security is at the forefront of the mainstream media, once again. This high visibility attack comes alongside an upswing in hackers manipulating the code of …

2019 Predictions: Information security will be given a seat at the table without asking

Thales eSecurity

Many years ago, a board member said to me, “We’ve employed you to do information security, so why do we have to do anything?” My experience in the past has been that information/cyber security professionals have often been relegated to giving advice on the threat landscape and risks, and then futilely lobbying the board for visibility and resources to put appropriate controls in place.

ISO 27001: How to set and document your information security objectives

IT Governance

Having created an information security policy, risk assessment procedure and risk treatment plan, you will be ready to set and document your information security objectives. Our annotated template takes the hassle out of documenting your information security objectives.

China issues Personal Information Security Specification

Data Protection Report

On 29 December 2017 the Standardization Administration of China issued an Information Security Technology – Personal Information Security Specification ?GB/T Although the Specification is not a mandatory regulation, it nonetheless has a key implementing role in relation to China’s Cyber Security Law (“Cyber Security Law”) in respect of protecting personal information in China. Expanded scope of personal information.

Once more unto the Breach – Managing information security in an uncertain world

IT Governance

The Internet is a playground for criminal hackers waiting to get their hands on your sensitive information. Threats like this are very real for ISMs (information security managers), who face the reality of phishing scams, cracking and ransomware daily. Physical security.

China Releases National Standard on Personal Information Security

Hunton Privacy

On January 25, 2018, the Standardization Administration of China published the full text of the Information Security Technology – Personal Information Security Specification (the “Specification”). The Specification is voluntary, but could become influential within China because it establishes benchmarks for the processing of personal information by a wide variety of entities and organizations.

Information Security 101 with Lisa Sotto: Legal Risks

Hunton Privacy

In the first segment of this three-part series, Lisa Sotto, head of the Global Privacy and Cybersecurity practice at Hunton & Williams, discusses information security law issues with The Electronic Discovery Institute. “[Information security] is a significant risk issue” and should be “at the top of the radar screen” for C-suites and boards of directors, says Sotto.

New China Guideline for Internet Personal Information Security Protection

Data Protection Report

On 30 November 2018 the Cyber Security Protection Bureau, under the auspices of the PRC Ministry of Public Security (the “MPS”), issued a draft Guideline for Internet Personal Information Security Protection (the “Guideline”) along with a request for public comments. specific requirements/processes in handling personal information. internal management regulations and structures to protect information systems and personal information. Introduction.

National Standard on Personal Information Security Goes into Effect in China

Hunton Privacy

On May 1, 2018, the Information Security Technology – Personal Information Security Specification (the “Specification”) went into effect in China. The Specification constitutes a best practices guide for the collection, retention, use, sharing and transfer of personal information, and for the handling of related information security incidents.

Information Security 101 with Lisa Sotto: Types of Security Threats

Hunton Privacy

In the second segment of this three-part series, Lisa Sotto, head of the Global Privacy and Cybersecurity practice at Hunton & Williams, discusses with The Electronic Discovery Institute the types of security threats facing global companies. “No

An Action Plan to Fill the Information Security Workforce Gap

Dark Reading

Nothing says #whorunstheworld like an all-female blue team taking down a male-dominated red team in a battle to protect sensitive customer data, and other ideas to entice women into a cyber career

Information Security and Compliance Through the Prism of Healthcare and Retail

AIIM

Organizations must focus strategically on how to manage digital content and understand that: 1) end-users are consuming technology differently; 2) consumer devices are being increasingly used as “on-ramps” to digital workflows; and 3) how you secure the scan and capture process becomes increasingly important. 2 -- Retail provides useful lessons in the importance of decentralized capture and the security challenges it creates.

The first step in strong information security is to understand data assets

Information Management Resources

In talking to many CISOs over the past few years, it is clear many organizations are still not sure what constitutes their most valuable assets and, as a result, cannot adequately protect their 'crown jewels.'

Information Security 101 with Lisa Sotto: Responding to a Data Breach

Hunton Privacy

In the third segment of this three-part series, Lisa Sotto, head of the Global Privacy and Cybersecurity practice at Hunton & Williams, discusses with The Electronic Discovery Institute how to respond to a data breach. It’s necessary, says Sotto, to have appropriate processes in place before a breach occurs.

What successful chief information security officers are doing right

CGI

What successful chief information security officers are doing right. The role of the chief information security officer (CISO) has become increasingly mainstream and strategic in recent years. Many have direct responsibility for security risk, ensuring due care to protect sensitive data, and asserting that such data has followed the right chain of trust while ensuring the business continues to operate securely.

EU Council Adopts the Network and Information Security Directive

Hunton Privacy

On May 17, 2016, the European Council adopted its position at first reading of the Network and Information Security Directive (the “NIS Directive”). The NIS Directive will impose security obligations on “operators of essential services” in critical sectors and “digital service providers.” These operators will be required to take measures to manage cyber risks and report major security incidents.