February 8, 2019 | Tools & Templates | Security Policies and Strategy
All security teams moving to the public cloud should adopt cloud-specific security standards. In this Ask-an-Expert written response, IANS Faculty Matthew Chiodi recommends using ISO/IEC 27001 and 27017 as a foundation, and then customizing from there.
Gmail accounts are most often used to launch business email compromise attacks (30%), followed by AOL accounts (11%) and rr.com domains (7%).
Who should own which infosec policies and why? This guide details the appropriate owners of individual infosec policies and standard operating procedures (SOPs).
A good strategic security roadmap focuses on an organization's key risks and how those risk are mitigated over time. In this Ask-an-Expert written response, IANS Faculty Rich Guida offers a step-by-step process for putting a workable three-year strategic plan in place.