Endpoint Cybersecurity GmbH
- TISAX getting started: A Deep Dive into the ISA Assessment Workbook (part 1)
- AI Adoption for companies in the USA
- AI Adoption for companies (based on OECD data)
- SOC 2 Type 2 mapping to Secure SDLC Requirements
- EU Cyber Resilience Act (CRA) – Overview
- From Idea to Proof of Concept to MVP – 3 article series
- From Idea to Proof of Concept to MVP: The Minimum Viable Product – MVP (3/3)
- From Idea to Proof of Concept to MVP: The POC stage (2/3)
- From Idea to Proof of Concept to MVP: The Idea stage (1/3)
- Delivering often in small increments with Scrum
Implementing ISO 27001:2022 Annex A.17 – Information Security Aspects of Business Continuity Management
/in EducationalWe started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.17, “Information Security Aspects of Business Continuity Management” is crucial for organizations to ensure the resilience of their information security management systems (ISMS) in the face of disruptive events. This annex […]
Implementing ISO 27001:2022 Annex A.16 – Information Security Incident Management
/in EducationalWe started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.16, “Information Security Incident Management” is crucial for organizations to effectively detect, respond to, and recover from security incidents. This annex provides guidelines for establishing an incident management process to minimize the […]
Executive summary: NIS2 Directive for the EU members (updated)
/in EducationalThe NIS 2 Directive is a set of cybersecurity guidelines and requirements established by the European Union (EU) . It replaces and repeals the NIS Directive (Directive 2016/1148/EC) . The full name of the directive is “Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common […]
NIS-2: 10 common misconceptions about the regulation
/in EducationalWe wrote here about NIS2 and we will continue to add more content about it. Because we are getting closer to October 17th, many people are getting more and more nervous about NIS2. Despite its significance, there are numerous misconceptions and misinterpretations circulating about the scope and implications of this regulation. This article aims to […]
Implementing ISO 27001:2022 Annex A.15 – Supplier Relationships
/in EducationalWe started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.15, “Supplier Relationships”, which is crucial for organizations in order to ensure the security of information assets shared with external suppliers. This annex provides guidelines for managing supplier relationships effectively to mitigate […]