Survey on Information Security Metrics
Noel Comerford, one of the volunteers for the Irish CERT (IRISS), is currently conducting some research work on the topic of Information Security Metrics as part of his MSc in Information Security. Noel is trying to establish how widely used and how effective Information Security Metrics are within Irish organisations and has set up a survey to help him achieve […]
BH Consulting Achieves ISO 27001 Certification
Following an independent audit of our Information Security Management System by Certification Europe, BH Consulting has been awarded accreditation to the ISO 27001:2005 Information Security Standard. This independent certification recognises that BH Consulting has in place an Information Security Management System that meets the requirements of this highly regarded standard. Achieving this accreditation means that […]
Fight for Kisses – Lessons for Infosec
A friend emailed me a link to the video below. It is a very amusing advert for a gents shaving product highlighting how babies can monopolise their mother’s affections, to the cost of the father. Of course being in information security I could not help looking at the video from the infosec viewpoint and it made me […]
Information Security Assurance Checklist for SMEs
I am often approached by owners of small businesses who ask me how they can be assured that they have taken the basic steps to protect their information assets. These companies often do not have any internal IT or information security expertise and rely on external vendors or contractors to secure their systems. What these […]
Implementing ISO 27001 In A Windows Environment
Last week saw the release of my book “Implementing ISO 27001 In a Windows Environment”. If you use Microsoft Windows within your organisation and you are planning to roll out ISO 27001 this book could save you a lot of time and money. The book highlights the built-in features of Windows that you can use to […]
Implementing ISO 27001 In A Windows Environment
One of the biggest projects I worked on last year was writing my first book. The book is called “Implementing ISO 27001 in a Windows Environment”. I wrote this book in response to the many questions clients have asked me on how best to put in place the various controls and goals outlined in the ISO 27001 […]
Managing Information Security with ISO 27001
In partnership with the Centre for Software Engineering we are running a two day course on “Managing Information Security with the ISO 27001 Information Security Standard”. The course is scheduled to run on the 20th and 21st of October 2008 and you can book your place on the course by contacting the Centre for Software Engineering. […]
Information Security Summer School
Now that the summer is here, although it is hard to believe that given the weather we are having, it is time for summer schools. As an information security professional you can join in the summer fun too. The European Network and Information Security Agency (ENISA) and the Institute of Computer Science of the Foundation […]
Managing Information Security With ISO 27001
In partnership with the Centre for Software Engineering we are running a two day course on “Managing Information Security with the ISO 27001 Information Security Standard”. The course is scheduled to run on the 17th and 18th of June 2008 and you can book your place on the course by contacting the Centre for Software Engineering. The […]
The Three R's of Information Security
I had an interesting insight today when meeting with a customer. We were talking about their information security challenges and she mentioned that their main concerns are what they call the “Three Rs”. Now I have to admit that this phrase had me stumped as I have never before come across the “Three Rs of […]