What happens "between" the strategic and technical Information Security layers in an organisation?
My recent Operativ informationssäkerhet course was fully booked with 19 participants and featured no less than six guest lecturers.
In the photo collage from top left - Sebastian Åkerman (Security Architecture), Henrik Kraft (Safe UX - a new session), Lars Åsander (Crisis Management), Andreas Sjödin (Continuity in a bank), Tomas Karlsson (Agile & Security), Nada Kapidzic Cicovic (Secure Development).
(some of) my events
- 2023-05-11 Certifierad IT-arkitekt (guest lecturing, Stockholm)
- 2023-01-16---05-28 Sound Engineering I (taking course, Örebro University)
- 2022-11-07---01-13 Measurement Theory and Philosophy of Value (taking course, University of Gävle)
- 2022-12-05 Datavetenskapliga programmet (guest lecturing, University of Gävle)
- 2022-12-01 Riskförmiddag with Riskkollegiet (lecturing at seminar, Uppsala University)
2018-04-20
2018-04-02
on the limitations of copy-paste
http://thebluediamondgallery.com/p/policy.html
Go check the policy.
A policy shouldn't merely exist (although that seems to have been the purpose with some copy-paste examples).
A well-adapted InfoSec policy can be immensely powerful. It is your vehicle for effectively delegating the responsibility for measurable security. Taking a second look at your policy can be time well spent.
Subscribe to:
Posts (Atom)
20230209