Posted inCareer
How to get into GRC
One of the common questions that I get from people: how someone could get into Governance, Risk, and Compliance (GRC)
Posted inInformation Security Statistics
Vulnerability Remediation: how fast should you patch?
A collection of statistics I gathered from the Internet on vulnerability remediation timelines.
Posted inInformation Security Statistics
Industry Benchmarks
A collection of posts on cybersecurity industry benchmarks
Posted inInformation Security Statistics
Security Maturity of critical infrastructure operators in Germany, 2024
Germany's BSI reveals ISMS maturity levels for critical sectors in 2024
Posted inFeatured Resources Risk Management
Risk Register Template for Information Security
A comprehensive Excel-based Risk Register template to track all your Information Security risks.
Posted inCompliance Information Security
SAP achieves NIST CSF Tier 3
The ERP giant makes a giant leap forward with security!
Posted inInformation Security Statistics
NIST CSF’s popularity
NIST CSF is rising in popularity and it's the only real global competitor for ISO 27001. With version 2, this probably will only accelerate.
CISO stress report
Nominet's 2020 report shows how stressful the job is. Not very encouraging for aspiring CISOs.
Posted inInformation Security Risk Management
Insider Threat scenarios from Carnegie Mellon
Some gems from CMU that's great for tabletop exercises and simulations