Cybersecurity and Information Resilience Blog

Our blog provides you with the latest updates and news in cybersecurity and information resilience. Our experts discuss practical approaches to securing and protecting your information assets.

Creating Good PCI-DSS Network and Data Flow Diagrams

In planning a road trip across country by car, I would not want to use a map that was not updated since 1955. Roads have changed and new freeways would have been added that would not be on the 1955 map. In the same fashion, in planning changes to my environment or in planning and validating security solutions and controls, I need to have the most up to date and accurate depiction of my network. The best way to stay current is to add a step to your change control process

Read the full post >

The EU-US Privacy Shield is no more - what now?

The European Court of Justice ruled that the EU/US Privacy Shield data transfer mechanism is invalid. Conor Hogan, Global Practice Director - Privacy at BSI, reviews the impact and implications of the European Court of Justice's decision on the 5000+ organizations that rely on the Privacy Shield for the transfer personal data between the EU and US and vice-versa.

Read the full post >

If you are not using Shodan? Why not???

Shodan is a port scanner that continually scans the entire internet for exposed hosts and their services. It queries every single port on every single IP address to determine if a host is alive, what ports are open, and enumerates what services are operating on those ports. The result is a plethora of information about the state of the Internet, which is easily searchable and provides near real-time analysis of current trends.

Read the full post >

How organizations can prepare for and contain the inevitable; a cyber breach

One of the best ways for organizations to manage and protect their information assets is to implement ISO/IEC 27001, the internationally recognized information security management standard. Cyber-attacks are commonplace at this point; this blog post discusses one of the most recent; an attack on twenty-two local governments in the state of Texas. Stephen Haywood and Tim Jensen, discuss what companies should be aware of, what they need to think about, and what they can do to prepare for data breaches.

Read the full post >

Increasing your IT security posture by adopting work security habits to your personal life

As today’s proliferation of cyber threats, vulnerabilities and exploits continue to grow it is important for everyone to accept this as a price we pay for the extensive functionality the internet brings. As modern work practices blend into personal time and personal devices, it is vital for the modern employee to adopt a mature personal IT security posture to minimize risk both to personal accounts, devices and details but also indirectly to their employers systems.

Read the full post >

Four reasons organizations are moving to Managed Security

As security threats increase and news of breaches proliferates in the media, the response to mitigating these threats, and the allocation of security spend within IT and enterprise budgets, is no trivial task. Our consultants spoke to individuals working in IT to get their views on the current state of the security marketplace. As a result, we’ve identified 4 key areas that are driving companies to a managed security model.

Read the full post >

Asia Pacific

Europe

Americas

Middle East and Africa

Can't find an office location?

Popular

Access and buy standards

About standards

Standards and information

Auditing, certification and training

Consulting practices

Industry reports, research and news

Blogs

Cybersecurity and Information Resilience Blog

Creating Good PCI-DSS Network and Data Flow Diagrams

The EU-US Privacy Shield is no more - what now?