Please cascade to your teams please Tata Consultancy Services (BSE: 532540, NSE: TCS), the leading IT services, consulting and business solutions organization, is a partner with the Foreign & Commonwealth Office (FCO) of the UK Governmen
All Posts (2678)
Sort by
This year’s study examines the costs incurred by 36 Indian companies in 12 industry sectors after those companies experienced the loss or theft of protected personal data and then had to notify breach victims and/or regulators as required by laws and
Governance, Risk and Compliance is sometimes a managerial step or a mandatory step to adhere with regulations & maintain compliant systems. It widely helps in Risk Management.
Some of the major components of IT GRC are:
- IT Policy Management
- IT Risk
The intent of using IT Governance Risk Compliance (IT GRC) tools and capabilities is to report and manage IT Risks. We will study the critical platform capabilities for IT GRC Tools.
Critical Platform Capabilities In IT GRC Solution
- IT Risk Mana
What Is Bad USB?
The phenomenon of using the USB for malicious intent can be termed as Bad USB. USB Thumb Drives are the last considerations of malicious intent. However, if manipulated, they can takeover almost everything.
Some interesting demonstra
Free/Opensource Tools -
- IT GRC Asset Management
Some functions can be used for technical controls to policy enforcement
OTRS http://www.otrs.com/en/
Redmine http://www.redmine.org/
Mantis http://www.mantisbt.org/ - IT GRC Risk Management-
GLPI http:
Today, while working on github, I landed upon an amazing curated list of information on Application Security, covering from fundamentals to programming. The most amazing part was the love demonstration of hacking a website.
Do check this out: https://
SAP has released the monthly critical patch update for August 2015. This patch update closes 22 vulnerabilities in SAP products, 15 have high priority, some of them belong to the SAP HANA security area. The most popular vulnerability is Cross Site Sc
To select the best IT GRC tools/solution for you, you need a checklist of all Use Cases for your organization. Prioritization of that followed by weighing the implementation ease can help you choose the best IT GRC solution. Here are few Use Cases to
Hello, dear readers, recently we have finished our series of articles on how to Secure SAP Systems from XXS vulnerabilities. Having a great success with the previous series, I decided to launch another series of articles called “SAP Security for CISO
No doubt you had heard about Chrysler’s recall of affected cars as it appeared in all the top media. You’ll be even more surprised if you see how many recalls happened because of technical issues in recent months. But there is something that we may m
Some major sections under BYOD Policy can be as:
- Acceptable Use Policy
- Supported Devices
- It Staff & Support Provided
- Costs & Reimbursements
- Security Controls
- Ownerships & Liabilities
- Disclaimers
Acceptable Use Policy
- Define activities acceptable
General
When did we do our last data inventory check?
Secure Development
Do we follow secure SDLC? Is security looked into from the scratch?
What is the cycle of application testing?
What are the most major security vulnerabilities/flaws existing
SAP has released the monthly critical patch update for July 2015. This patch update closes a lot of vulnerabilities in SAP products, some of them belong in the SAP HANA security area. The most popular vulnerability is Missing Authorization Check. Thi
Last Wednesday Harvard University announced that on June 19 an intrusion on Faculty of Arts and Sciences and Central Administration information technology networks was discovered. According to the announcement on Harvard website, this breach affected
Incident Response is pretty much the same, however the first few hours can be vital and only high priority actions can save the situation. Since this is a Security Breach, it is of highest priority and must be treated at highest escalation level.
Here's a list of World's Best and Most Popular IT Security Conferences. Details such as Tentative Time, Pass Price and Locations are mentioned so you can plan your Calendar.
Top IT Security Conferences In The World:
1. Black Hat
Claims to be the mo
Convincing the board to spend on the security initiatives has always been challenging. The ROI being very complex, the information security world is often overlooked. Here's a template to help structure the IT security content for the Board.
Key Con
Here is a comprehensive checklist to Evaluate SIEM Vendors. We highly appreciate this community contribution.
by Sunil Soni, CISO, Punjab National Bank
Vendor Selection Framework For Integration Of Threat Intelligence With SIEM
Key Selection Cr
Technical Skills:
Major Areas Of Focus:
- Incident Response
- Computer Forensics
- Network Security
- Secure Architecture
( Read More: CISO Platform Top IT Security Influencers (Part 1) )
Conceptual (Understand How-It-Works):
- Fundamental security conce
Join The Community Discussion
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.
Join CISO Community Share Your Knowledge (Post A Blog)
Atlanta Chapter Meet: Build the Pen Test Maturity Model (Virtual Session)
- Description:
The Atlanta Pen Test Chapter has officially begun and is now actively underway.
Atlanta CISOs and security teams have kicked off Pen Test Chapter #1 (Virtual), an ongoing working series focused on drafting Pen Test Maturity Model v0.1, designed for an intel-led, exploit-validated, and AI-assisted security reality. The chapter was announced at …
- Created by: Biswajit Banerjee
- Tags: ciso, pen testing, red team, security leadership
The Insider Risk Summit (West)
- Description:
- Created by: pritha
- Tags: insider risk summit, monterey, california
