One Article Review

The article:
Source NoticeBored
Identifier 2833972
Publication date 2021-05-25 14:27:57 (seen: 2021-05-25 03:05:26)
Title Stepping on the cracks
Text Anyone seeking information security standards or guidance is spoilt for choice e.g.:
ISO27k - produced by a large international committee of subject matter experts and national representatives
NIST SP 800 series - well researched, well written, actively maintained ... and FREE!
IT Grundschutz - a typically thorough Germanic approach, to the point of absurdity (4,800 pages!)
CSA - cloud security guidance is their home turf
COBIT - takes a deliberately different perspective on 'risk' and 'control'
Secure application development standards such as those from OWASP
IT standards and methods as a whole: relevant because IT or cyber security is clearly a big part of information security
HR, physical security, privacy and business continuity standards and methods as a whole: filling-in the substantial gaps in IT or cyber security
Risk management standards, the best of which at least mention the importance of identifying and managing information risks
PCI DSS - not really an infosec standard so much as a contractual mechanism forcing organizations using credit cards to play their part in maintaining card security
Sent Yes


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from a previous one.