InfoSec Insider Podcast - Episode 17
Mistakes to Avoid When Implementing & Maintaining an ISO 27001 ISMS

In this episode of InfoSec Insider, Wayne Armstrong, Senior Consultant at URM, breaks down the common mistakes and challenges organisations come up against on both sides of their certification assessment, i.e., before the external assessment when the Information Security Management System (ISMS) is first being implemented, and after certification has been achieved and the ISMS is being maintained.

Wayne leverages his 30+ years of experience in information security and risk management to discuss:
· The mistakes he frequently sees organisations make when implementing ISO 27001 and preparing to certify
· The common mistakes organisations make in maintaining their ISMS and ISO 27001 certification
· New common pitfalls he has seen regarding organisations’ implementation of the 2022 version of the Standard
· Challenges and mistakes that organisations from particular industries and sectors should look out for.

Listen to the episode:
Podbean: https://lnkd.in/eKNgRBgT
Apple Podcasts: https://lnkd.in/eHUgA3WU
Spotify: https://lnkd.in/ePxDGs5s
YT: https://lnkd.in/eGqQMBmZ
URM website: https://lnkd.in/eyFQ3T-X

#podcast #informationsecurity #infosec #ISO27001 #ISO27001Implementation #ISMS #ISO27001Certification #InformationSecurityManagementSystem
URM’s Post
More Relevant Posts
-
Coming from the IT Security world this tool CyberToolFramework https://lnkd.in/ePXTcGkk is definitely a good starting point. Being familiar with CIS Top 18 helps you navigate simply. The list of OT specific tools is definitely a value add. #OTSecurity #Tools #Cybersecurity #IndustrialSecurity #CISTop18 #CyberForWomen
VP Industrial Security, Author, CS2AI Founding Fellow, Industrial Security Podcast co-host, MS, CISSP, ISP, ITCP
The CIS Top 18 is widely used in IT. Jack Bliss of 1898 & Co. has adapted the CIS top 18 to the needs of OT and industrial sites based on his field notes of working in the space for a number of years, capturing his best practices. Jack's CyberToolFramework is a great resource for OT practitioners and you can find it here - https://bit.ly/3z8kKAa. The framework is short, sweet, usable, and it connects the worlds of IT and OT. It’s a great place to get started with concepts that lead into more advanced risk management and other advanced OT topics. I wish more people would write down what they’re learning, write down the knowledge that they use every day for other people to come up to speed and take advantage of it. We dig into this framework and more in eps 129 of the Industrial Security Podcast ➡️ https://bit.ly/4ggMAeg
New Resource: Adapting IT Advice for OT | The Industrial Security Podcast Episode 129
-
Here's a look at clause 6.2 of ISO 27008, Resourcing and Competence for doing ISMS audits, particularly the controls in Annex A. Let me know if you have any specific topics related to this that you'd like to hear about in these podcasts...thanks! Click here to try Conformance1's free online ISO 27001 Gap Checklist: https://lnkd.in/gP57EWzD #iso27001 #ISMS #informationsecurity
Guidelines For The Assessment of Information Security Controls - Clause 6.2 Resourcing and Competence - The ISO Review Podcast
buzzsprout.com
-
Afni CISO Brent Deterding shares his four security non-negotiables, strategies for stress-free incident response, and much more in the Future of Security Operations podcast by Tines. Listen now to gain some honest and helpful insights!
🎙️ A brand new episode of the Future of Security Operations podcast is here! This week, Thomas Kinsella chats to Brent Deterding, CISO at Afni, Inc., who shares his security non-negotiables, discusses his face-off against threat group Scattered Spider, and walks us through his custom risk framework (including a shout-out for Andy Ellis!) Listen here or wherever you get your podcasts: https://lnkd.in/e-xh3_CJ
Afni’s CISO Brent Deterding on evaluating risk │ The Future of Security Operations podcast
-
David and Ken are discussing ITIL and its support for IT Security. This is likely of interest to ITSM and IT Security Professionals.
----------
🔍 Follow me for daily insights on ITSM and IT Security.
🎧 Check out The ITSM Practice Podcast on Spotify: https://lnkd.in/dJh7UnzC
#itsm #itsecurity
Tech Executive Seeking Next Engagement | AI & Digital Transformation Leader | Ex-KPMG | Former CIO | Industry & Keynote Speaker | ITIL4 Master
In today's Service Management Leadership Podcast, David Cannon & Ken Jarvis discuss another benefit of incorporating ITIL, liaising with information security. Feedback always welcome. https://lnkd.in/gqsBE5RQ
-
New Podcast Episode – Governance and Security: From State Interference to Global Threats Join us for the latest episode of the Advent IM podcast, Risk & Business! We were joined by Philip I. and Scott Wesley SRMC® MSyl who provided some amazing insight, so be sure to tune in... Listen here - https://lnkd.in/eJ4DWXaQ #SecurityPodcast #Governance #Security #NewPodcast
-
Great information here. Check out the CyberToolFramework.
-
Thank you to Adam Turteltaub CCEP, CHC, host of the Compliance Perspectives Podcast, for featuring me in his latest episode! 😊 It was great to discuss the process and benefits of implementing ISO 27001. For those that are on the fence, or would simply like to learn more about the leading Information Security Standard, go give it a listen: https://lnkd.in/etXZBCWD
-
🎙️ Dive deep into compliance with our award-winning podcast, Compliance into the Weeds! Join us as we dissect the intricacies of risk assessment in our latest episode. From navigating external threats to fine-tuning internal controls, we've got you covered. Listen in for expert insights and real-world experiences on managing compliance risks effectively. Don't miss out on the valuable tips shared in this episode! Tune in now and stay ahead of the compliance curve! 🚀 https://bit.ly/3vD7aTV #Compliance
-
🎙️ Dive deep into compliance with our award-winning podcast, Compliance into the Weeds! Join Tom and Matt as they dissect the intricacies of risk assessment in our latest episode. From navigating external threats to fine-tuning internal controls, we've got you covered. Listen in for expert insights and real-world experiences on managing compliance risks effectively. Don't miss out on the valuable tips shared in this episode! Tune in now and stay ahead of the compliance curve! 🚀 https://bit.ly/3vD7aTV #Compliance