Blog – Page 6

If you are not measuring it, you are not managing it.

By Tony, on 9 July, 2014

In my last article I spoke at some length about not just why a Security Policy is important, what its content should be, but also how it should be written. There is no default setting for Security Policy. Remember, what works for one organisation probably won’t work for another.

Information Security Management Systems – It’s all about the Business!

By Admin, on 25 May, 2014

An Information Security Management System (ISMS) is a security framework comprised of policies, processes and the management of technologies to address an organisation’s information security requirements.

Using Logical Trust Domains to understand DNSSEC

By Admin, on 12 April, 2014

The implementation of DNSSEC has been gaining momentum recently as organisations and vendors implement and make available the systems and tools required to ensure the integrity of the DNS lookup process.

Better Security Policy Leads To Greater Compliance

By Tony, on 26 March, 2014

It is a long-standing principle that all organisations, from the large multi-national to the small business, need and should have some kind of security policy.

Using Sampling To Ensure Effective Audit, Certification and Accreditation.

By Monique, on 11 March, 2014

At Axenic, we have two ISO 27001 Lead auditors and perform a significant number of certification reviews for NZ government agencies. One of the common challenges of auditing is selecting which controls (both procedural and technical) to assess when a client has a limited time-frame or budget.

Highlights from the Verizon 2014 PCI Compliance Report

By Chris, on 18 February, 2014

Verizon has published its 2014 PCI Compliance Report, which can be downloaded from here. Like their Data Breach Investigation Report (DBIR) it is an excellent piece of research and provides insight into the challenges associated with complying with the Payment Card Industry’s Data Security Standard (PCI DSS) v2.0.

The Blog

Category: Blog