Author: Joost Krapels
Joost Krapels has completed his BSc. Artificial Intelligence and MSc. Information Sciences at the VU Amsterdam. Within ICT Institute, Joost provides IT advice to clients, advises clients on Security and Privacy, and further develops our internal tools and templates.

ISO27002:2022 – what’s new?

ISO 27001:2013, a certification standard for Information Security Management systems, uses an extensive list of example control measures that organisations have to comply with, or explain why the control is not applicable (comply or explain). This list of 114 controls is elaborated on in ISO 27002, showing how to implement them in practice. After eight years,…

Joost Krapels

New OWASP Top Ten 2021

Every few years, the OWASP Top Ten, a popular list of ten important risks for web applications, is updated. At the moment of writing this article, the Open Web Application Security Project (OWASP) version 2021 has just been released. In this article, we give a short explanation of how the OWASP Top Ten works, and what…

Joost Krapels

Changes in CISSP: 2021 versus 2018

In April 2020, we wrote an article on the then-current 2018 version of the Certified Information Systems Security Professional (CISSP) Body of Knowledge and provided a free study template. Technology evolves at a rapid pace, and with that the risks to an organisation’s information assets. The capabilities of and tools available to malicious actors…

Joost Krapels

How to improve your internet.nl score

Internet.nl is a service, co-created by the Dutch Government, for measuring the security of your website. The tool summarises many security aspects into two simple scores: one for websites and one for email. We use the service quite a lot, both for ICT Institute and our clients. Each score is between 0% and 100%. If…

Joost Krapels

Access Management: an introduction

Identity and Access Management, or IAM for short, is one of the cornerstones of Information Security. Organisations cannot protect the confidentiality, integrity and availability of information entrusted to them if it can be seen, altered and deleted by anyone who simply desires to do so. In Information Security, we call the sequential steps required for…

Joost Krapels