Book Reviews Archive
An extract from ISO 27001 controls – A guide to implementing and auditing. An ideal book for anyone implementing or auditing an ISO 27001-compliant ISMS (Information Security Management System).
This pocket guide gives a practical but strategic overview for leadership teams of what an energy management system (EnMS) is and how implementing one can bring added value to an organisation. It is not a ‘how to’ book but explains why starting …
Chapter 2 of EU GDPR - An Implementation and Compliance Guide gives a breakdown of the GDPR’s six data processing principles. Read the extract here.
ISO/IEC 27701:2019 is the international standard for privacy information management. It is structured in the same way as ISO/IEC 27001 – hence from the establishment of the privacy information management system (PIMS) through to its review and adaptation. There are …
Chapter 13 of EU GDPR - An Implementation and Compliance Guide breaks down compliance and managing personal data internationally. Read the extract here.
The EU’s Directive on security of network and information systems (NIS Directive) is part of the legislated response to these threats. It aims to establish a “high common level of security of network and information systems across the Union” (NIS …
The human decision-making process is the preferred subject of psychologists and economists. Historically, they adopted an approach of viewing human behaviour as regular and highly predictable.
To combat an increase in cybersecurity vulnerabilities as a result of this ever-increasing connectivity, organizations should shift their approach to focus on protecting the valuable information, rather than limiting their efforts to hardening information system endpoints.
In Build a Security Culture, security consultant and trainer Kai Roer discusses the human and cultural factors in organisational security, and explains how to ensure your organisation is set up to manage and deter malicious intrusions and threats based on common human vulnerabilities. Here is an extract taken from chapter 7 of …
All target dates for compliance with the PCI DSS have long since passed. The Standard is now on its third version, with the fourth in development with a predicted release date of Q4 2020. It is likely that v3.2.1 will …