Demystifying cybersecurity terms: Policy, Standard, Procedure, Controls, Framework, Zero Trust

I am often asked what the difference is between Policy, Standard, Procedure in cybersecurity. Well, here it is: 1. Cybersecurity Standard A cybersecurity standard is a set of guidelines, criteria, or best practices that organizations follow to ensure that their security controls and procedures align with industry standards or regulatory requirements. Standards provide a benchmark […]

Zero Trust in Cybersecurity: from myth to the guide

Every single day I read news on various portals and on LinkedIn and I encounter a lot of buzzwords. Most of the time I just smile, recognizing the marketing b**it, and continue to scroll… This time, I found an article from Germany’s Federal Bureau of Information Security (BSI) and it was about Zero […]

NIS2: 3. Establish a cybersecurity framework

We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the 3rd step in implementing the requirements of the directive is to establish a cybersecurity framework. If you haven’t read what a cybersecurity framework means, then you should read this article: https://www.sorinmustaca.com/demystifying-cybersecurity-terms-policy-standard-procedure-controls-framework/. Establishing a cybersecurity framework is critically important for organizations of all sizes and types because it is […]

How to implement an Information Security Management System (ISMS)

We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the 3rd step in implementing the requirements of the directive is to establish a cybersecurity framework. If you haven’t read what a cybersecurity framework means, then you should read this article: https://www.sorinmustaca.com/demystifying-cybersecurity-terms-policy-standard-procedure-controls-framework/. An ISMS is typically based on the ISO 27001 standard, which provides a framework for establishing, implementing, maintaining, […]

NIS2: 2. Designate a responsible person or team

We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the second step in implementing NIS2 requirements is to designate a responsible person or team. Appointing an individual or a team responsible for overseeing the implementation of the NIS2 directive within your company is critical to ensure its success. NIS2 implementation and compliance is a project, and as any project must […]