We are proud to announce that #CrateDB achieved ISO 27001 certification, the international standard for information #security 👏

The security of data is non-negotiable 🔐 With the #ISO27001 certification, we have elevated the standards for #informationsecurity, providing you with confidence in the safety, confidentiality, integrity, and availability of your valuable information.

Learn more ⬇️
https://crate.io/blog/cratedb-elevates-its-security-standards-and-achieves-iso-27001-certification

Deming : gestion de votre système de management de la sécurité de l'information Open Source https://linuxfr.org/news/deming-gestion-de-votre-systeme-de-management-de-la-securite-de-l-information-open-source #Sécurité #sécurité #iso27001 #deming #smsi #iso #grc

Звернувся клієнт з проханням допомогти отримати сертифікацію #SOC2 або #iso27001
Самостійно такого не робили, але приймали участь декілька разів з іншими клієнтами. Сподіваюсь, зможемо домовитися з клієнтом про строки та бюджет, бо на це може зайняти 2-3 місяці у кращому випадку. Заодно переведемо його з #Azure на #AWS

VegaSystems wird Partner des Paderborner E-Sports e. V. und verstärkt die bereits seit langem vorhandene Kooperationspartnerschaft. 👍
#Paderborn #Rechenzentrum #ISO27001
https://www.vegasystems.de/blog/starke-technische-unterstuetzung-fuer-paderborner-e-sports-e-v/

I'd like a #Jira extension or browser plugin that scans the contents of issue descriptions suggestions #ISO27001 labels that we can later to use to gather evidence that we are implementing different parts of program.

#compliance

#Bedrijven hebben nauwelijks controle over de #veiligheid van de #data van hun klanten als ze met externe partijen in zee gaan.

„Alles wat fout kan gaan, gaat fout.”

138 andere bedrijven die met #Nebu \ #Enghouse werkten, tasten nog altijd in het duister over wat er precies #gestolen is, aldus #advocaat #VeerlevanDruenen van het #marketingbureau.

#cybercrime #Davrados #datalek #cybersecurity #AVG #DORA #ISO27001 #NI2

#Compliance gives you the veneer of #security: it doesn’t give you security.

It might satisfy a regulator, or market, but threats don’t pay heed to scraps of paper.

It does matter if a tool doesn’t do the #OWASP top 10, e.g., but if you only do things to meet that then you miss critical threats.

Compliance is a start, not an end.

Don’t do #SecurityTheater - understand risks to your assets and act!

https://ventureinsecurity.net/p/the-importance-of-adopting-a-security

#DevSecOps #iso27001

Had a debate today (not a massive one) around #NIST and #ISO27001. I use both and dont really havea preference. I actually think they are subtley different, but map very well to each other. The statement I made was that NIST is more accepted in the US and ISO27001 more accepted in the EU and rest of world. Is that a fair statement ?

I am also flying back to #Germany tomorrow. #ISO27001 ISMS Project was for a Sth East Asia based company, and worked out well escaping German winter for as long as I can to do things in local time, and just hang around a couple of months longer enjoying this:

(although it is still cold, going back to -3 C)

I'm talking about https://opencre.org , how it came to be and our amazing new features (machine readable exports in several formats) at the State of Open Con 2023 next week, join me in the security track and let's go on a journey of standards unification away from spreadsheets!
#security #iso27001 #owasp

@CollaboraOffice Congratulations on your #ISO27001 certification!
It really paves the way for software migration/adoption, specially on the public sector!
It makes a world of a difference, in my humble opinion, and a detail blog post about what this particular certification means and the infosec, data protection and information security management protection associated with it is well worth a deeply detailed post about it!!!
It is a strong selling point.
Hope you can make the best out of it! 🤗

RT @CollaboraOffice@twitter.com

Collabora Productivity are pleased to announce that we are ISO 9001 and 27001 certified, ensuring high quality products and services while maintaining the highest levels of security and data protection 🛡️

Thank you for your support! 💜

#ISO9001 #ISO27001

🐦🔗: https://twitter.com/CollaboraOffice/status/1620438067587735557

Collabora Productivity are pleased to announce that we are ISO 9001 and 27001 certified, ensuring high quality products and services while maintaining the highest levels of security and data protection 🛡️

Thank you for your support! 💜

#ISO9001 #ISO27001

Collabora Productivity are pleased to announce that we are ISO 9001 and 27001 certified, ensuring high quality products and services while maintaining the highest levels of security and data protection 🛡️

Thank you for your support! 💜

#ISO9001 #ISO27001

Anyone got any links to Iso27001 implemenation plans and things ?

That aren't sitting behind awful paywalls or adverts for consulting corps ?

#iso27001 #iso #infosec #question

Also Hangman will ich mit den Leuten beim @bsi nicht spielen 😅
#ITGrundschutz #BSI200X #ISO27001

When you talk about a security standard/framework, the management resists with some arguments, like:

-Are we obliged?
-If not, why shall we do? Do not bring headache, etc...

NO! Even if it is not compulsary for your sector, you can take the best practices and adapt to your organization. You don't have to get audited, you don't have to get certified, you don't have to apply them all.

Just take what best fits for you and applicable for your organization.

#Cybersecurity #ISO27001 #NIST #standard #audit

I am thrilled to share that at Desana we successfully completed our ISO27701 certification audit and received a positive recommendation for certification. This is in addition to our ISO27001 certification and our CE & CE+ certifications.
Building an Information Security and Privacy Information Management System from the ground up over the last 18 months has been challenging, but an amazing experience.
#infosec #security #cybersec #privacy #audit #iso27001 #iso27701 #ciso
https://www.linkedin.com/posts/stepram_iso27701-dataprotection-privacy-activity-7019252912665034752-7AYc

Looks like ISO 27001 2022 features Data Leakage Prevention #DLP.

Who lobbied for that?

I don't see 10% of certified businesses who will be able to afford that, let even operate a DLP. This is expensive tech, and costs lots of manpower to deal with on clients (Linux, IoT, ...). Also it's often costly for network gateways, which may need to support protocols like #WCCP.

On top of that #ISO27001 now features Data Masking (incl. PII fields like IP addresses) and anomaly detection (on propper Log Management).

Maybe 1% of the certified businesses have that?

Now the good news is: you have 2-3 years to install it.

Here my co-contribution on the topic "Information Security - lean & agil" at

https://www.springerprofessional.de/informationssicherheit-lean-agil/16967264

with Inge Hanschke.

#CISO #informationsecurity #ISO27001 #ISMS #ITGRC