Posted inGovernance
What is a “legacy application”?
Four criteria that can be used to classify something to be "legacy"
Posted inFeatured Information Security Resources
ISO 27001 Gap and Maturity Assessment Templates
Two useful resources for people working on ISO 27001 - a Gap Assessment and a Maturity Assessment template
Posted inInformation Security Resources
Websites to Track Security Breaches & Cyber Incidents
List of websites where you can find information about security breaches
Posted inInformation Security Statistics
Security Maturity Benchmarks
Benchmarks of other companies and industries are very useful to GRC professionals. It is a good indicator to see how leaders, competitors, and the industry overall are positioned in terms…
Posted inCareer
How to get into GRC
One of the common questions that I get from people: how someone could get into Governance, Risk, and Compliance (GRC)
Posted inInformation Security Statistics
Vulnerability Remediation: how fast should you patch?
A collection of statistics I gathered from the Internet on vulnerability remediation timelines.
Posted inInformation Security Statistics
Industry Benchmarks
A collection of posts on cybersecurity industry benchmarks
Posted inInformation Security Statistics
Security Maturity of critical infrastructure operators in Germany, 2024
Germany's BSI reveals ISMS maturity levels for critical sectors in 2024
Posted inFeatured Resources Risk Management
Risk Register Template for Information Security
A comprehensive Excel-based Risk Register template to track all your Information Security risks.