Complexity: The Hidden Monster behind Insecurity

No doubt that companies struggle with information security these days. Today they spend hundreds of thousand dollars, some millions, tomorrow they realize they have done nothing! Security folks do not have peaceful night sleep, because they know what they have done during the day could easy be compromised! Regardless of why we are spending money […]

Tips To Buy And Implement SIEM Solution

Use following checklist to make sure you are on the right track to choose your first or next SIEM solution. The whole process takes 1-4 weeks based on your dedication and vendor availability. Remember the worst thing is being in rush in five four steps: Write a plan Write down all the steps you anticipate […]

Why Environment Constantly Faces Insecurities?

There is no doubt that security is not a project, there is no end and we need to constantly evolve but does it seem to you that you may put more effort you expect? You would sense some doubt about why you are constantly running after fixing issues, but is this the way security works?  […]

The Fine Art of Network Security Configuration: Micro Segmentation

Micro segmentation is the particle of an effective network segregation Network security administration barely leverages a concept which basically has been there forever and could literally saves them forever when dealing with security of network services, and that is nothing but micros segmentation.  I usually bring practical examples to my workshops so students are able […]

How to effectively audit any ISO 27001 process?

First of all, auditor needs to be a SME, not only to the security management system, but also specifically in regards to ISO 27001. The reason is related to the fact that “terminology” or “particular definition” of terms is important.  Then there are three simple aspects of any process or policy document which should have been adequately addressed by […]

ISO 27001 Audit Tips and Tricks

the easy way to maintain an effective, low cost and smart ISO 27001 security management system Even though there is no magic behind auditing a system based on ISO 27001, there are simple tricks which help you handle ISO 27001 or many other similar standards and frameworks, both as and auditor and auditee. I would […]