Blog security
ISO27002:2022 explained – Physical controls
In this article, we explain the new ISO 27002:2022 chapter 7 – Physical controls. This covers the controls necessary to protect information from physical threats. This is the third article in a series of four, each article covering one chapter: organization controls (chapter 5) people controls (chapter 6) physical controls (chapter 7)- This article technological…
Sieuwert van OtterlooISO27002:2022 explained – People controls
In this article, we explain the new ISO 27002:2022 chapter 6 – People controls. This covers the controls required for secure human resources management. This is the second article in a series of four, each article covering one chapter: Organization controls (chapter 5) People controls (chapter 6) – This article Physical controls (chapter 7) Technological…
Sieuwert van OtterlooNew OWASP Top Ten 2021
Every few years, the OWASP Top Ten, a popular list of ten important risks for web applications, is updated. At the moment of writing this article, the Open Web Application Security Project (OWASP) version 2021 has just been released. In this article, we give a short explanation how the OWASP Top Ten works, and what…
Joost KrapelsHow to improve your internet.nl score
Internet.nl is a service, co-created by the Dutch Government, for measuring the security of your website. The tool summarises many security aspects into two simple scores: one for websites and one for email. We use the service quite a lot, both for ICT Institute and our clients. Each score is between 0% and 100%. If…
Joost KrapelsFree CISSP 2018 body of knowledge study template
The Certified Information System Security Professional (CISSP) certification is a way for security engineers, managers, executives, and consultants to show they have a firm grasp of the technical and organizational aspects of Information Security. The official study guide provided by (ISC)², the organization behind CISSP, contains 948 pages of study material divided over eight domains….
Joost Krapels