This post summarizes some relevant IT risk analysis and management frameworks or methodologies. Please do not confuse them with risk analysis methodologies. List IT of Risk Management frameworks List of IT risk analysis frameworks: ISO/IEC 27005 The title of ISO/IEC…
An information security rating is an objective, data-driven, quantifiable measurement of an organization’s overall information security performance. It is often referred as cybersecurity rating. This post summarizes information security rating agencies that can assess organizations. List of Information Security Ratings for Organizations…
This post lists methods to assess the Information Security of an organization that acts as a third party for another one (e.g., a provider). This third parties are often referred as 3PL, that is an acronym for third-party logistics. Methods…
This post summarizes some certifications for organizations (and not for individuals or professionals) related somehow to information security or cybersecurity. List of Information Security Certifications for Organizations Information Security Certifications for Organizations featured on this post: ISO/IEC 27001 ISO/IEC 27001…
This post summarizes organizations related to the Government of the United States of America (USA) that are related to information security or cybersecurity. List of USA Government Cybersecurity Organizations Non-exhaustive list of USA Government organizations related to cybersecurity: NIST CSRC…
This post summarizes organizations within or close to European Union (EU) that are related to information security or cybersecurity. List of European Union Cybersecurity Public Organizations Non-exhaustive list of European Union Cybersecurity Public Organizations: European Commission The European Commission is…
A data processing center (DPC) or data center is a building, a dedicated space within a building, or a group of buildings used to house computer systems and associated components, such as telecommunications and storage systems. Data Center Certifications ANSI…
The ISO/IEC 27000-series is a set of standards related to information security and publish by ISO and IEC. It provides recommendations on information security, in the context of a Information Security Management System (ISMS). Standards included on ISO/IEC 27000-series As…
This post lists some cybersecurity conventions or events that are celebrated in Spain. List of IT Security Conventions in Spain Cybersecurity Conventions in Spain, in order of recurrence: CIBERSEG Jornadas Seguridad y Defensa CIBERSEG. Alcalá de Henares, Madrid, Spain. Yearly…
CISSP (Certified Information Systems Security Professional) is a certification granted by the organization ISC2 (International Information System Security Certification Consortium). This post explains how you can prepare the exam to apply for CISSP certification. To find more information about the…