El Diario del CISO El Diario del CISO (The CISO Journal) Edición 30 - Page 4
ISF Public Release: Quantitative Techniques in Information Risk Analysis
Security is a trade-off between opportunity and risk. But this choice is shrouded in uncertainty, as the complexity of the information age
obscures judgement and decision making.
Nobody Expects The Spanish Inquisition…
Our chief weapons are…oh dammit, look amongst our weapons are: NIST 800-53 ISO 27001 GDPR PCI DSS COBIT SEC (and ALL it’s
bloody convoluted stuff) NERC/FERC FedRAMP HIPAA/Crosswalk/HITRUST Fear Us!! For we are internal audit, we are compliance!
Business Risk aligned CyberSecurity Strategy Design
I mentioned cybersecurity is primarily a business risk, before being considered an IT risk
Big News: The Backstory on the First U.S. Cybersecurity Assessment
October 2018 marks the 15th annual National Cybersecurity Awareness Month, and last week, FICO announced big news: we have
teamed with the U.S.