Most read categories

NIS2

NIS2

10 posts
Cybersecurity

Cybersecurity

46 posts
AI & ML

AI & ML

4 posts
Educational

Educational

65 posts
Cybersecurity DORA NIS2

Understanding NIS2 and DORA: What executives need to know

These days businesses are subject to increasing regulatory scrutiny, particularly regarding cybersecurity and operational resilience. Two significant EU regulations, NIS2 (Network and Information Systems Directive 2) and DORA (Digital Operational Resilience Act), outline mandatory requirements for organizations. Failure to comply can result in severe penalties. It is essential for executives to understand how these regulations […]

agile CSSLP ECS Educational Security SSDLC

Delivering secure software in an agile way

  Agile Software Development: Why It’s Better Traditional development methodologies, such as the Waterfall model, struggle to keep up with the need for quick iterations, frequent releases, and adaptability to changing requirements. Agile software development addresses these challenges by emphasizing flexibility, collaboration, and continuous delivery. Agile methodologies break down the development process into smaller, manageable […]

Article Cybersecurity ECS Educational ISMS ISO 27001 Security TISAX

ISO 27001:2022 and TISAX: overlaps and differences

Introduction ISO 27001:2022 and TISAX VDA ISA 6.0 are two prominent standards in the realm of information security management, particularly within the automotive industry. While ISO 27001 provides a global framework for establishing, implementing, maintaining, and continually improving an information security management system (ISMS), TISAX (Trusted Information Security Assessment Exchange), based on the VDA ISA […]

ECS Educational General SOC2

Understanding the SOC 2 Certification

Introduction SOC 2 (Service Organization Control 2) certification is a framework designed by the American Institute of CPAs (AICPA) to help organizations manage customer data based on five Trust Service Criteria: , confidentiality,processing integrity, availability, security and privacy. This certification is crucial for service organizations that store or process customer data in the cloud. Comparison […]

Cybersecurity ECS Educational ISO 27001

Implementing ISO 27001:2022 Annex A.18 – Compliance

We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we end the series with ISO 27001:2022 Annex A.18, “Compliance”, which addresses the importance of ensuring that organizations comply with relevant laws, regulations, contractual agreements, and other requirements related to information security. This annex focuses […]