Chris and Michael will be presenting at the 24th International Computer Security Symposium & 9th SABSA World Congress, which will be held in Ireland from 1 to 5 October 2016.
The following provides a synopsis of their sessions; visit the COSAC website for more information and the full conference schedule.
Okay, I know I promised to delve into and discuss the requirements defined in 4 Context of the organisation. However, I realised that there are other common myths that I should dispel for those of you who are interested in implementing an Information Security Management System (ISMS) that conforms with ISO/IEC 27001:2013 (ISO 27001).
Reports surfaced on the 12th of April of a botnet that attacks IoT devices running BusyBox and other Linux-based devices. The bot, which is believed to have been active since the 20th of March 2017, exploits hard-coded passwords of devices with published SSH or telnet, and also attempts to brute-force passwords of devices with non-default credentials. As the name suggests, BrickerBot bricks the devices and leaves them completely useless. This is done by executing a set of commands to delete storage, corrupt routing and others.
When using devices and online services, always use modern, convenient and strong access controls. Fingerprint sensors are brilliant for controlling access to personal devices, a good password manager makes creating and remembering passwords a breeze, and adding multi-factor authentication is the best approach for protecting the accounts you really care about.
This is a new blog series on implementing an Information Security Management System (ISMS) based on ISO/IEC 27001:2013 (ISO 27001). This is the first in a series of blog articles aimed at helping organisations understand the value of implementing an ISMS that conforms with ISO 27001.
In the information security industry, we are provided with plenty of top-lists and guidance that help us identify information security threats and determine security controls to mitigate these threats.