Diarium blog system
Universidad de Salamanca
Pablo Gallardo's Blog
My professional web log about IT, Cybersecurity & Project Management
 
Tag Archives | it

Information Security Certifications for Organizations

This post summarizes some certifications for organizations (not for individuals or professionals) that relate in some way to information security or cybersecurity. List of Information Security Certifications for Organizations Information Security Certifications for Organizations featured on this post: ISO/IEC 27001 ISO/IEC 27701 ISO/IEC 15408 ISO 22301 SOC 2 Type 2 STAR ENS ISO/IEC 27001 ISO/IEC 27001 […]


USA Government Cybersecurity Organizations

This post summarizes organizations related to the Government of the United States of America (USA) that are related to information security or cybersecurity. List of USA Government Cybersecurity Organizations Non-exhaustive list of USA Government organizations related to cybersecurity: NIST CSRC CISA NSA/CSS NIST CSRC NIST (National Institute of Standards and Technology). NIST CSRC (Computer Security […]


European Union Cybersecurity Organizations

This post summarizes organizations within or close to the European Union (EU) that are related to information security or cybersecurity. List of European Union Cybersecurity Public Organizations Non-exhaustive list of European Union Cybersecurity Public Organizations: European Commission ENISA ECCC European Commission The European Commission is the European Union's politically independent executive arm. It designed an EU […]


Data Centers

A data processing center (DPC) or data center is a building, a dedicated space within a building, or a group of buildings used to house computer systems and associated components, such as telecommunications and storage systems. Data center certifications ANSI TIA-942 is a certification issued by ANSI. You can find more information about this certification […]


Cloud Security for Microsoft 365

This post adds some comments on cloud security for Microsoft 365. Cloud Security for Microsoft 365 Products related to Microsoft 365 security: Microsoft 365 Defender Microsoft Secure Score Microsoft Secure Score Microsoft Secure Score is a Microsoft product that measures the organization’s security posture regarding specific Microsoft 365 products and displays the results on a […]


Microsoft Azure

This post is an introduction to Microsoft Azure. Microsoft Azure Frameworks Microsoft Azure Frameworks: Microsoft Azure Well-Architected Framework Microsoft Cloud Adoption Framework for Azure Microsoft Azure Well-Architected Framework Microsoft Azure Well-Architected Framework is the counterpart of AWS Well-Architected Framework. https://docs.microsoft.com/en-us/azure/architecture/framework/ Microsoft Cloud Adoption Framework for Azure Microsoft Cloud Adoption Framework for Azure provides proven guidance […]


How to perform an IT Risk Assessment

This post gives an overview of how to perform a risk assessment of information technology (IT) assets. Steps to perform an IT risk assessment The steps, in summary, are: Define scope Select a risk assessment methodology Identify asset types Identify threats Identify vulnerabilities List controls Assign controls to threats Identify […]


IT Security Certifications

General IT Security Probably the most valued on this list are CISSP and CISM. SSCP Issued by (ISC)². The PECB ISO/IEC 27001 Lead Implementer course notes describe “SSCP” as “for new graduates”. CISSP Certified Information Systems Security Professional Issued by (ISC)² Requires 5 years of experience. Official link In the PECB ISO/IEC 27001 […]


Compliance Management Solutions

Compliance management solutions provide templates, assessment tools and other functionality to help an organization comply with some of the most popular standards. This post lists some Compliance Management Solutions. Popular Compliance Standards List of some popular compliance standards: Payment Card Industry Data Security Standard (PCI DSS) International Standard Organizations (ISO) Standards, like […]


List of IT Risk Analysis Methodologies

This post summarizes some relevant IT risk analysis methodologies. IT risk analysis methodologies List of IT risk analysis methodologies: NIST 800-30 ISO 27005 Magerit Mehari OCTAVE Microsoft’s Security Management Guide NIST 800-30 NIST Special Publication 800-30, abbreviated as NIST SP 800-30 or NIST 800-30, whose title is “Guide for Conducting Risk Assessment”, is issued […]
