This post explains the concept of information security compliance and related topics. Compliance is one of the three sub-areas covered in Information Security area of GRC (Governance, Risk and Compliance). Sources of IT Security Compliance Compliance comes from the following…
This post tries to explain what is an Information Security Program. What is an Information Security Program? According to ISACA, an information security program (ISP) is a set of activities that provide assurance that information assets are given a level…
This post features some IT Security and Cybersecurity Professional Associations of Spain. List of Cybersecurity Associations for Professionals of Spain Non-exhaustive list of cybersecurity associations for professionals of Spain: ISACA Madrid Chapter ISACA Madrid Chapter is a non-profit association founded…
This post gives a general and brief overview about IT security and cybersecurity. It also links to other posts within this blog where the information is expanded. Definitions of Information Security and Cybersecurity Information security is in charge of the…
This post summarizes information security or cybersecurity control inventories. List of Information Security Control Catalogues Information Security Control Catalogues: ISO/IEC 27002 ISO/IEC 27002 is officially titled “Information security, cybersecurity and privacy protection — Information security controls”, but it can be…
An information security rating is an objective, data-driven, quantifiable measurement of an organization’s overall information security performance. It is often referred as cybersecurity rating. This post summarizes information security rating agencies that can assess organizations. List of Information Security Ratings for Organizations…
This post lists methods to assess the Information Security of an organization that acts as a third party for another one (e.g., a provider). This third parties are often referred as 3PL, that is an acronym for third-party logistics. Methods…
This post lists some cloud security tools List of Cloud Security Tools Cloud Security Tools featured on this post: Qualys Cloud Platform CloudPassage Halo Core CloudInspect Tenable for AWS Broadcom Cloud Workload Protection Alert Logic Deep Security Outpost24 Cloud Security…