Category: Standard

A new emerging concept and disciplines within the cyber security called Attack Surface Management (ASM) has become a crucial component of comprehensive cybersecurity strategies. Understanding and managing the attack surface is essential for protecting an organization’s information assets. ASM is an approach to protecting organization digital assets by changing the perspective of security to an…

Cloud Detection and Response (CDR) refers to a set of cybersecurity practices and tools designed to detect and respond to security threats within cloud environments. As organizations increasingly adopt cloud services and platforms, securing these environments becomes paramount to protect sensitive data and infrastructure from cyberattacks and breaches. CDR solutions typically involve the continuous monitoring…

The Health Insurance Portability and Accountability Act, commonly known as HIPAA, was enacted in 1996. It revolutionized the way healthcare providers, insurance companies, and their business associates handle patient information. The primary goal is to ensure the protection and confidential handling of protected health information (PHI). The reason we talk about HIPAA as part of…

Standard Focus ISO 27001 Establishing, implementing, and maintaining an ISMS ISO 27701 Privacy Information Management System (PIMS) extension to ISO 27001 ISO 27006 Requirements and guidance for certification bodies offering ISO 27001 certifications ISO 27005 Information security risk management ISO 27004 Information security management measurement and metrics ISO 27003 Implementation guidance for ISO 27001 ISO…

Protecting sensitive data, ensuring the integrity of systems, and maintaining confidentiality are critical to maintaining business continuity and customer trust. One internationally recognized standard that organizations often turn to is ISO 27001. In this article, we will explore what ISO 27001 is and its significance in the field of information security. Understanding standard ISO 27001…