Categories
For Infosec professionals, Infosec for everyone

Risks of BYOD

A BYOD article that I was reading on the net started, “BYOD is becoming a rule rather than an exception.” That set me thinking. Really? How many of the large corporates that I have worked with allow BYOD? Surprisingly (or unsurprisingly, if you wish), none. I looked at the article again. It is written by […]

Categories
Infosec for everyone

BYOD – A fairy tale for a four letter word…

OK, I HAD to write this one. Wherever I go these days, people seem to be using this four-letter word. BYOD (Bring Your Own Device) seems to be the latest buzzword in the IT and info-sec world these days. As usual, I will try to take a practical view of BYOD with a […]

Categories
For Infosec professionals

Info-Sec Risk Management – Establishing Context

Talking about information security without mentioning risk management is like talking about literature without mentioning Shakespeare or philosophy without mentioning Socrates. While every info-sec professional worth his salt will know his threats from vulnerabilities, the actual designing of a risk management program in an organization is often neglected. Most organizations hire consultants to define a […]

Categories
BCMS

ISO 22301 – How different is it from BS 25999? – 4

Testing of BCMS, which is ‘BCM Exercising’ in BS 25999 and ‘Exercising and Testing’ in ISO 22301, has not changed much. It was a disappointment in BS 25999 and it is a disappointment in ISO 22301. Both standards want us to conduct tests that are consistent with the scope and objectives of BCMS and […]

Categories
BCMS

ISO 22301 – How different is it from BS 25999? – 3

‘Leadership’ is a new section in ISO 22301. The content of the sections under ‘leadership’ is not drastically different from what BS 25999 expects from the top management. ISO 22301, however, has combined it into a single section. It divides ‘Leadership’ into three key sub-sections: management commitment, policy, and organizational roles, responsibilities and authorities. This […]

Categories
BCMS

ISO 22301 – How different is it from BS 25999? – 2

We continue with our analysis of ISO 22301 vs. BS 25999. We reviewed the initial parts of the standards and the definitions. There have been interesting additions (MAO, RPO, MBCO), some of which are welcome additions while some are uncalled for. Let us begin where we left off: Context of the organization Context establishment seems […]

Categories
BCMS

ISO 22301 – How different is it from BS 25999?

With the release of every new standard, the average consultant feels an adrenalin rush. She makes funky presentations and tries to convince her clients that the standard is the best thing since sliced bread. If the standard has been a much-awaited standard, the presentations get funkier and the noise made for clients to implement […]

Categories
BCMS, Infosec for everyone

6 Tips to handle strikes and bandhs in India – a BCMS perspective

Handling Strikes and Bandhs in India. A few tips that will help you better improve