Blog Security
The NIS-2 Directive: raising the security bar in Europe
In the final days of December 2022, a new Information Security Directive has been published by the European Commission. The NIS-2 Directives, aimed at improving the resilience of Europe’s Network and Information Systems, succeeds and supersedes its older brother by both broadening the scope and taking into account the ever changing information security landscape. In…
Joost Krapels
Security+ explanation and practice questions
Security+ is a certification offered by CompTIA. Those who have passed the exam, keep earning Continuous Education points, and pay the annual maintenance fee may add the title to their name. I (Joost) passed this exam recently and wanted to give you an impression of Security+, why you too might want to get certified, an…
Joost Krapels
CISA explanation and practice questions
CISA (certified information systems auditor) is a professional certificate for IT auditors. To become CISA you have to complete the exam and become ISACA member. To help you understand what CISA is about, we made a small test with exam level questions.
Sieuwert van Otterloo
Measuring and monitoring your ISO 27001 ISMS
Measuring and monitoring information security is required under clause 9.1 of ISO 27001. In this article we explain how to effectively monitor and measure your ISMS.
Joost Krapels
ISO27002:2022 explained – Technological controls
In this article, we explain the new ISO 27002:2022 chapter 8 – Technological controls. This covers the controls required to set up and maintain secure technological systems, particularly focusing on secure systems, development and code management. This is the last article in a series of four, each article covering one chapter: organization controls (chapter 5)…
Sieuwert van Otterloo