Blog security
A basic risk management method for information security
One of the requirements for good information security is to have a method for risk identification and assessment. This article describes one simple and practical method that can be used by any organisation. This page is part of a series on ISO 27001 controls and our free ISO 27001 and GDPR templates.
Sieuwert van Otterloo
Security+ certification with practice questions
The CompTIA Security+ is a well-known entry-level information security certification designed for cyber security professionals and those seeking to enter the field. We wrote about it in a previous article. I recently got this certificate and I would like to share my experience with those willing to give it a try. An important note, the knowledge…
Pavlo Burda
open standard Security Verified updated
Last month (February 2024), the 2024 version of the open information security standard ‘Security Verified’ was released. This new version contains small changes to make it more readable and easier to combine with the latest version of ISO 27001.
Sieuwert van Otterloo
The NIS-2 Directive: raising the security bar in Europe
In the final days of December 2022, a new Information Security Directive was published by the European Commission. The NIS-2 Directive, aimed at improving the resilience of Europe’s Network and Information Systems, succeeds and supersedes its older brother by both broadening the scope and taking into account the ever-changing information security landscape. In…
Joost Krapels
Security+ explanation and practice questions
Security+ is a certification offered by CompTIA. Those who have passed the exam, keep earning Continuous Education points, and pay the annual maintenance fee may add the title to their name. I (Joost) passed this exam recently and wanted to give you an impression of Security+, why you too might want to get certified, an…
Joost Krapels
