Blog Security
Using Notion for your ISMS
Building and maintaining an ISO 27001-compliant Information Security Management System (ISMS) can be resource-intensive, especially for smaller organizations. At the ICT Institute, we are committed to help organizations with the ISO 27001. To help organizations get started, we’ve built a free Notion template that includes a ready-to-use Risk Register. This template allows you to set…
Pavlo Burda
Security+ certification with practice questions
The CompTIA Security+ is a well-known entry-level information security certification designed for cyber security professionals and those seeking entering the field. We wrote about it in a previous article. I recently got this certificate and I would like to share my experience with those willing to give it a try. An important note, the knowledge…
Pavlo Burda
Understanding Social Engineering attacks at CHI 2025
This April, I’ll be presenting my research on social engineering attacks at the 2025 ACM Conference on Human Factors in Computing Systems (CHI) in Yokohama, Japan. CHI brings together a global community of researchers, designers, and practitioners who explore the future of how humans interact with technology. As the premier conference on Human-Computer Interaction, this…
Pavlo Burda
Training implementing ISO 27001 with certificate
If you work in a security team that uses the standard ISO 27001, it is useful to complete a formal ISO 27001 training so that you use the standard correctly. We are now offering a short course that covers the fundamentals of information security based on ISO 27001.
Sieuwert van Otterloo
ISO 27001 technological controls for software development
The latest version of ISO 27001 contains multiple controls about secure development, engineering, coding and testing that seem to overlap. In this article we provide guidance how to implement these controls. The overlapping controls explained are 8.25, 8.26, 8.27 and 8.28. We also cover 8.31 and 8.33 (test environments and test information).
Sieuwert van Otterloo