Volg ICTI

Blog information security

Changes in CISSP: 2021 versus 2018

In April 2020, we wrote an article on the then current 2018 version of the Certified Information Systems Security Professional (CISSP) Body of Knowledge and provided a free study template. Technology evolves in a rapid pace, and with that the risks to an organisation’s information assets. The capabilities of and tools available to malicious actors…

Joost Krapels

Access Management: an introduction

Identity and Access Management, or IAM for short, is one of the cornerstones of Information Security. Organisations cannot protect the confidentiality, itegrity and availability of information entrusted to them if it can be seen, altered and deleted by anyone who simply desires to do so. In Information Security, we call the sequential steps required for…

Joost Krapels

ISO27002 explained, part 2

The article is part two of a series of four articles. The article series briefly explain each control that is mentioned in the ISO 27001 statement of applicability. The explanation is based on ISO 27002. —————–Article 1—————– Information Security Policies  A5 Organization of Information Security A6 Human Resource Security A7 Asset Management A8 —————–Article 2—————-…

Joost Krapels

ISO27002 explained, part 3

The article is part three of a series of four articles explaining ISO 27002 and the ISO 27001 statement of applicability. The article series briefly explain each control that is mentioned in these standards. The explanation is based on ISO 27002. —————–Article 1—————– Information Security Policies  A5 Organization of Information Security A6 Human Resource Security…

Joost Krapels

Interview with ISO 27001 audit expert Philip Ku

Philip Ku is an international information security and audit expert. He is a certified lead auditor for ISO 27001 information security and also for related standards and trains auditors worldwide, including in The Netherlands. We interviewed Philip to understand how he became an expert and what he sees as new trends in information security.

Sieuwert van Otterloo