(ISC)2 Official CISSP Practice Exams and (ISC)2 Official SSCP Practice Exams

(ISC)² is dedicated to creating new value-added services for its prospective and more than 50,000 current members worldwide. One of the most exciting of these is studISCope, our online self-assessment tool that helps candidates assess their knowledge of the CISSP or SSCP CBK^®. Together with our partner, Express Certifications – a company renowned for developing innovative testing and training techniques – (ISC)² can now maximize your learning experience and focus your study efforts more precisely along whichever information security career path you choose.

Read More

Open Parachute

What good is a parachute to a skydiver when it is not opened or fails to open? Likewise, what good are security tools/controls/processes to a company when it is not properly implemented or failed to be implemented properly?

Just purchasing more and more tools and establishing multiple security controls and processes without proper implementation may lead one to what one could call “placebo” security.

Implementing security properly would entail a thorough investigation of tools that would handle (mitigate/transfer/eliminate) risk, establishment of processes that would “enable” not “impede” the business(es) that you support, education of your personnel to want to do security because they WANT to, not because they HAVE to and a governance framework  to enforce policies, standards and procedures.

So, what are we talking about – What happens when a skydiver’s parachute is not opened or fails to open …