Getting Started In Information Security
Rob Newby kicked off with his Seven Stages of Security Man and Andy ITGuy also posted his guidance on Why become an IT Security Professional. I often get asked how to start a career in information security so I thought that I would chip in my €0.02 worth. This post though is aimed at […]
Information Security – Overhyped?
A discussion with an old friend recently strayed into the area of information security and the hype that she currently sees surrounding products that will make us more compliant, secure and hacker proof. She works as an IT manager in a relatively large company and confessed to feeling confused by the various products, their claims and indeed the hype […]
Why use ISO 27001?
Over the past few months more clients are asking me what is ISO 27001 and what are the benefits of implementing an Information Security Management System based on the standard? ISO 27001 is a vendor and technology neutral internationally recognised standard which provides companies with a risk based approach to securing their information. It provides organisations with independent […]
ISO 27001 As a Tool for Compliance
Knowledge Ireland recently published an article I wrote discussing how the ISO 27001 standard can be used as a foundation to help companies ensure they meet their compliance requirements, be that SOX, Basel II, PCI or the Data Protection Act. The premise that I put forward is that having a certified Information Security Management System […]
Thoughts on Certification Schemes in Information Security
I have been asked on numerous occasions by different people what my feelings are regarding security certifications. I have collated the types of questions I get under the following headings and summarised my answers.
Information Security – The New Golden Goose?
While attending this year’s Infosec show I was suddenly struck with the thought that Information Security has become the new Golden Goose for the IT industry. The vast number of impressive exhibitor stands, professional presentations and the prevalence of suits as the preferred attire for the attendees demonstrated that information security is now a primary […]
Managing Information Security with ISO 27001
Information security is becoming more and more a business critical issue as executives and IT professionals are responsible for ensuring the safeguarding of client information, corporate data and compliance with various regulatory and legal requirements. The ISO 27001 Information Security Standard enables those responsible for securing corporate information and associated assets to demonstrate they have […]