NBlog - the NoticeBored blog

Bright and shiny things from NoticeBored, the innovative monthly information security awareness subscription service

Latest articles

NBlog Oct 8 - is Facebook an asset?

Yet another good question came up on the ISO27k Forum today*. Someone asked whether to add the company's Facebook page to their information asset register (implying that it would need to be risk-assessed and secured using the Information Security Management System processes), or whether the asset should be the Facebook account (ID and password, I guess)**. From...

NBlog Sept 27 - 2021 infosec budget

Are you responsible for your organisation's information security or cybersecurity budget? Are you busily putting the finishing touches to your 2021 budget request, still working on it, just thinking about it, or planning to do it, honestly, when you next come up for breath? Budgeting is generally a dreaded, stressful management task. Not only do we have...

NBlog Sept 24 - status of ISO27001 Annex A

One of the recurrent (zombie) threads on the ISO27k Forum concerns the status of ISO/IEC 27001:2013 Annex A. Typically the zombie is prodded from its slumber by a relatively inexperienced member naively suggesting that certain security controls from Annex A are essential, implying that they are mandatory for certification. In the course of debating and...

NBlog Sept 4 - standardising ISMS data interfaces

We've been chatting on the ISO27k Forum lately about using various IT systems to support ISO27k ISMSs. This morning, in response to someone saying that a particular tool which had been recommended did not work for them, Simon Day made the point that "Each organisation trying to implement an ISMS will find its own way based on their requirements." Having...

NBlog Sept 3 - ISO27001 rocket fuel

We're on a mission to convince every organisation that managing information risks properly is more than just a compliance imperative. It's good for business. Is your organisation looking to raise its security game? Are managers worried about ransomware, privacy breaches and intellectual property theft, especially now with so many of us working from...

NBlog Aug 28 - NZ Stock Exchange DDoS continues

The New Zealand Stock Exchange is having a rough week. Under assault from a sustained DDoS attack, its web servers have crumpled and fallen in an untidy heap again today, the fourth day of embarrassing and costly disruption. DDoS attacks are generally not sophisticated hacks but crude overloads caused by sending vast volumes of data to overwhelm the...

NBlog Aug 27 - creative teamwork post-lockdown

A couple of days ago I blogged about MURAL, just one of many creative tools supporting collaborative working. If you missed it, please catch up and contemplate how you might use tools such as that right now for teamworking during the COVID19 lockdowns. Today I've been thinking about 'the new normal' as the world emerges from the pandemic, inspired...

NBlog Aug 26 - ISMS templates

Systematically checking through ISO/IEC 27001:2013 for all the documentation requirements is an interesting exercise. Some documents are identified explicitly in the standard and are clearly mandatory, while many others are only noted in passing, often in ambiguous terms or merely alluded-to ... which can make it tricky to both comply with the standard...

NBlog Aug 23 - ISMS comms plan

Yesterday I started preparing an ISMS communications plan to satisfy ISO/IEC 27001:2013 clause 7.4, with a little help from the Web. Naturally I started out with the standard itself. Clause 7.4 doesn't literally demand that organisations must have a "communications plan" as such, otherwise it would have been one of the mandatory documents included in...

NBlog Aug 20 - creative teamwork in lockdown

Inspired by a heads-up from a colleague on LinkedIn, I bumped into MURAL today. MURAL is a 'digital workspace for visual collaboration' by virtual teams. The animated demonstration on their home page caught my beady eye. Here's a static snapshot as a small group of people are busy placing/moving blobs on a graphic, presumably while discussing what...
