As the IT environment has changed significantly over the past several years, members of the Security Forum saw a need to revisit the document, Enterprise Security Architecture, and to update the guidance contained in it to address changes including mobile device security, and new categories of security controls such as data loss prevention. Learn about the new download here.
The Open Group set up three informal Twitter polls this week during The Open Group Conference, London. What do you think of our informal poll results? Do you agree? Disagree? And why?
As the IT media is dominated by stories on Cloud and cyber-security, it will be refreshing to debate these in an open environment at The Open Group Conference, London, and discuss the many challenges we all face in navigating an increasingly complex IT world. I’d love to hear your views on the type of questions you’d like answered and any particular issues you feel passionate about.
O-ISM3 can be implemented as a top-down methodology to manage an entire information security program, or it can be deployed more tactically, starting with just a few information security processes. As such, it can deliver value to information security organizations of varying sizes, maturity levels, and in different industries.
Specific to IT security, the world is indeed flat, and the threats being faced as well as the security concerns and approaches in India and UAE mirror those in the US, Europe, and elsewhere.
We created the Cookbook for ISO/IEC 27005:2005 for anyone tasked with selecting, performing, evaluating, or developing a risk assessment methodology. I can say with confidence that we have met our goals in creating comprehensive and needed guidance and standards in the area of risk analysis.