Killing the Cyber Security Kill Chain

By

image :oreilly

Threat Modelling aims to identify threats and vulnerabilities to apply controls to mitigate the risks. Killing the Cyber Security Kill Chain is an approach for Threat Modelling with ISO 27001 controls.

    


Comments

Post a Comment

Popular posts from this blog

The 7 Layers of Cyber Security : Attacks on OSI model

By
Image
Source : wallarm The OSI network  communications model is made of  7 layers. Each layer  handles a specific process to enable reliable communication between two or more devices. When the Internet was designed, its focus was on ensuring of reliable communications. The challenges of communication security emerged later.  These 7 layers act like a chain of links. If one lnk breaks, the whole chain of communication breaks. Hence security threat can happen at any of the 7 layers.  These layers are named as Application, Presentation, Session, Transport, Network, Data link and Physical layer. The application layer is your email application, physical layer is your communication cable, and everything else is in between help you communicate. In abstract the application layer provides user interface, while presentation layer handle formating, encoding and encryption. The session layer manages connections. The transport layer handles segmentation, sequencing, and establishi...
Read more

Personally Identifiable information (PII) and Personal Data Protection

By
Image
Image : libguides Personally Identifiable information (PII) is defined as any data that could potentially identify a specific individual. In simple, PII is any information that can be used to distinguish one person from another.  The legal definition of PII may vary from jurisdiction to jurisdiction. However,  universally it refers to information that can be used to trace an individual identity, with by one or more information that is linkable to a person. Following are personally identifiable information.  name address email race ethnicity telephone number date of birth passport number fingerprint facial image mother's maiden name driver's license number credit or debit card number Social Security number/ID no The reasons to protect PII are : Protecting PII is important to ensure personal privacy. Personal data is collected, recorded, processed, tracked and used daily. They include names, IDs , biometric scans with fingerprints, facial recognition systems used to lo...
Read more

ISO 27001 ISMS in a Nutshell

By
Image
Image : ISO The ISO 27001 certification is the most comprehensive  information security standard recognized globally. It ensures standardizing of your organisation's information security strategies to ensure confidentiality, integrity and availability of your systems and data to conduct your business effectively.  Gaining the certification is a journey with several milestones. It is a carefully planned systematic activity that transforms an organisation to a secure entity,  where everyone becomes a stakeholder in information security. Follow this processes to get to your goal successfully. Step 1. Obtain Management Support . This is the most critical requirement to achieve ISO 27001 status. Your ISMS project will definitely fail if it does not receive to management support. The management should provide, people, money and strategic direction for your ISMS to be a success story. In the sections below you’ll find some tips on how to convince your management, and how much th...
Read more