Due to the rapidly increasing threats to an IT operation, every company should survey and evaluate the relevant IT threats with regard to information security. However, the selection of threats for the primary InfoSec protection goals confidentiality, integrity and availability is very complex, because there are no simple threat lists, especially for small and [...]
Before performing a penetration test, the question arises as to how the pentest should be performed. Here, pentesters distinguish between the following approaches: Blackbox test Whitebox test Graybox Text Which test is best suited for an audit? Black box or black box test With this penetration test method, the pentester does not [...]
"Delivery encrypted or locked" - for your ISMS we are happy to provide our free and royalty-free graphic. Use the "Save graphic as" function of your browser to use this pictogram for your information security system. Abbildung: Lieferung verschlüsselt oder versperrt With this pictogram you can create understandable user policies, which are required [...]
We would like to provide valuable tips for the implementation of ISO 27001 for all companies that are aiming for certification. The ISO 27001 standard describes the requirements of an information security management system (ISMS), which also includes having a person responsible for information security. This person is often called the information security officer [...]
The CIS Compliance Summit is the Austrian platform for experts, security managers and decision-makers in the security industry and will take place in 2021 with a new branding. On September 8, 2021, top experts will present at the free CIS Compliance Summit at the Kursalon in Vienna why management systems are the most effective [...]
On the occasion of the SEC4YOU user meeting in June 2021, we presented the current draft the new ISO/IEC 27002:2021. The new ISO 27002:2021 is an extension of the aging ISO 27002:2013 (+corrections from 2014 and 2015) and adds the following control objectives: Threat intelligence Information security for use of cloud services ICT readiness [...]
On October 12, 2020, the Institute for Internal Audit Austria will host the seminar "ISO/IEC 27001 - Structure and Audit of an ISMS" in Vienna. The seminar will be led by SEC4YOU Managing Director Manfred Scholz. ISO 27001 defines the requirements for an Information Security Management System (ISMS) and describes a continuous improvement process (CIP), [...]
The Institute for Internal Audit Austria offers the seminar "IT-Security / Information Security" from September 28 to 29, 2020 in Vienna. The seminar will be led by SEC4YOU managing director Manfred Scholz. IT security is very often understood as technical measures that are intended to selectively eliminate certain vulnerabilities. From the point of view of [...]
The Academy Internal Audit offers the training "Introduction to IT Auditing" from June 15 - 16, 2020. SEC4YOU Managing Director Manfred Scholz will lead the training in Vienna. From the seminar objective: It will be clearly shown that even non-IT specialists can cover many areas of IT auditing. Almost every process in a company is [...]
"Shredder Security Level P5 - Document Shredder" - for your ISMS we are happy to provide our free and royalty-free graphic. Use the function "Save graphic as" of your browser to use this pictogram for your information security system. Figure: Shredder safety level P5 With this pictogram you can create understandable user policies, [...]
