What is an information security framework and why do I need one?

Posted by:

An information security framework, when done properly, will allow any security leader to more intelligently manage their organizations cyber risk.

The framework consists of a number of documents that clearly define the adopted policies, procedures, and processes by which your organisation abides.  It effectively explains to all parties (internal, tangential and external) how information, systems and services are managed within your organisation.

The main point of having an information security framework in place is ...

Read More →
0

We’ve all got password fatigue, but are NIST’s new policies wise?

Posted by:

Ah the necessary evil of passwords.

Those of us who have worked in organizations that require users to change passwords at set intervals know what I mean.

Typically every three to six months, users are requested to perform a password change – maybe in the form of an annoying pop-up alert. In some setups, the user is lock out of the system until a new memorable password (but one that follows the complex password creation guidelines) is set.

A ...

Read More →
0
})
SEC Cybersecurity Exams