Volg ICTI

Author Joost Krapels

Author: Joost Krapels
Joost Krapels has worked at ICT Institute from 2019 - oct 2024. He is a security and privacy officer with a lot of GDPR and ISO 27001 experience, and has Security+ and CISSP certification.

The NIS-2 Directive: raising the security bar in Europe

In the final days of December 2022, a new Information Security Directive has been published by the European Commission. The NIS-2 Directives, aimed at improving the resilience of Europe’s Network and Information Systems, succeeds and supersedes its older brother by both broadening the scope and taking into account the ever changing information security landscape. In…

Joost Krapels

Privacy statement generators: a comparison

All organizations processing personal data, even the ones without an in-house privacy expert, are required to disclose information on this processing. Most organizations do this through a privacy statement on their website. Several websites offer a free privacy statement generator, but do these actually produce valid privacy statements? In this article, we summarize the research…

Joost Krapels

Security+ explanation and practice questions

Security+ is a certification offered by CompTIA. Those who have passed the exam, keep earning Continuous Education points, and pay the annual maintenance fee may add the title to their name. I (Joost) passed this exam recently and wanted to give you an impression of Security+, why you too might want to get certified, an…

Joost Krapels

Measuring and monitoring your ISO 27001 ISMS

Measuring and monitoring information security is required under clause 9.1 of ISO 27001. In this article we explain how to effectively monitor and measure your ISMS.

Joost Krapels

ISO27002:2022 explained – Organizational controls

The information security standard ISO 27001 consists of a main structure and an annex of recommended controls. The recommended controls are further explained in an additional standard ISO 27002. The main structure explains how a well-functioning ISMS (Information Security Management System) should be set up and maintained. The controls are specific actions that organisations should…

Joost Krapels