The ISO 27000 family of protocols represent a series of standards developed by the International Organization for Standardization (ISO) to address various aspects of information security management. These standards provide a framework for organizations to establish, implement, maintain, and continually improve their information security management systems (ISMS). Each standard within the ISO 27000 family serves […]
Contents Toggle Securing the Presentation Layer Risk Assessment at the Presentation Layer Security practices Securing the Business Logic Layer Risk Assessment at the Business Logic Layer Securing the Database Level Risk Assessment at the Database Level Continuous Monitoring and Response Conclusion I have been asked by friends and customers what is the best way […]
This post is for creators of digital services like optimization tools, VPN solutions, Backup and Disaster Recovery tools, Parental control tools, Identity protection tools, Privacy tools, Email clients, Browsers and many others. Your products are doing a good job in the dynamic landscape of digital services, and it is amazing of how much commitment and […]
The integration of Artificial Intelligence (AI) in endpoint security has revolutionized the way organizations protect their devices and data. Ok, let’s take a break here: have you read the article about Artificial Intelligence vs. Machine Learning ? By leveraging AI and machine learning models that analyze user behavior on devices, organizations can detect anomalies […]
Being an CSSLP gives me access to various emails from (ISC)2. One of these announced me that there is a recording of a webinar about AI and Cybersecurity held by Steve Piper from CyberEdge. Very nice presentation of 1h, and I found out that there is a sequel to that on November 1st. So, following […]
These two fundamental concepts play a pivotal role in ensuring the integrity and security of digital systems. While these terms are often used interchangeably, they represent distinct and equally essential aspects in the world of identity and access management (IAM), which safeguards sensitive information and resources . Executive summary Authentication confirms that users are who they […]
I am often asked what is the difference between Policy, Standard, Procedure in cybersecurity. Well, here it is: 1. Cybersecurity Standard A cybersecurity standard is a set of guidelines, criteria, or best practices that organizations follow to ensure that their security controls and procedures align with industry standards or regulatory requirements. Standards provide a benchmark […]
Every single day I read news on various portals and on LinkedIn and I encounter a lot of buzz words. Most of the time I just smile recognizing the marketing b**it, and continue to scroll… This time, I found an article from the Germany’s Federal Bureau of Information Security (BSI) and it was about Zero […]
We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the 3rd step in implementing the requirements of the directive is to establish a cybersecurity framework. If you haven’t read what a cybersecurity framework means, then you should read article: https://www.sorinmustaca.com/demystifying-cybersecurity-terms-policy-standard-procedure-controls-framework/ . Establishing a cybersecurity framework is critically important for organizations of all sizes and types because it is […]
We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the 3rd step in implementing the requirements of the directive is to establish a cybersecurity framework. If you haven’t read what a cybersecurity framework means, then you should read article: https://www.sorinmustaca.com/demystifying-cybersecurity-terms-policy-standard-procedure-controls-framework/ . An ISMS is typically based on the ISO 27001 standard, which provides a framework for establishing, implementing, maintaining, […]
Endpoint Cybersecurity GmbH
