Posts

CISSP Domain 2 Changes - 2018 vs 2015

Hardly any changes have been made in this domain. Cryptography has been explicitly removed and will be added to Data Protection Methods. Overall Result - No Change.

2015 Exam Outline vs 2018 Exam Outline
2015: Classify information and supporting assets (e.g. sensitivity, criticality); 2018: Identify and classify information and assets (Data classification, Asset classification) #No Change
2015: Determine and maintain ownership (e.g. data owners, system owners, business/mission owners); 2018: Determine and maintain information and asset ownership #No Change
2015: Protect privacy (Data owners, Data processors, Data remanence, Collection limitation); 2018: Protect privacy (Data owners, Data processors, Data remanence, Collection limitation) #No Change
2015: Ensure appropriate retention (e.g. media, hardware, personnel); 2018: Ensure appropriate asset retention #No Change
2015: Determine data security controls

CISSP Domain 1 Changes - 2018 vs 2015

The new exam outline has been released by (ISC)2 for the CISSP exam. I will be evaluating each domain of the 2015 & 2018 exam outlines and will present a point-by-point comparison of the changes in the course content. New course content which has been added in the 2018 edition will be added in the form of posts on the blog. Here is the overall result in Domain 1: Extremely Limited Change

2015 Exam Outline vs 2018 Exam Outline
2015: Understand and apply concepts of confidentiality, integrity and availability; 2018: Understand and apply concepts of confidentiality, integrity and availability #No Change
2015: Apply security governance principles through: Alignment of security function to business strategy, goals, mission, and objectives; Organizational processes (e.g., acquisitions, divestitures, governance committees); Security roles and responsibilities; Control frameworks
2018: Evaluate and apply security governance principles: Alignment of security f

Top IT Security Certifications 2018

The year 2018 started with Meltdown & Spectre as the most talked-about vulnerabilities. Recently Facebook announced the data misuse of around 87 million+ users whose data had been compromised in some manner. What does this mean for the time to come: more breaches, bigger losses, more coverage and more jobs and opportunities for IT and programming professionals. By the end of 2018, the bubbles on the website informationisbeautiful ( http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/ ) would have grown bigger. Such breaches and vulnerabilities would require more and more security professionals to work in the industry. “Cybersecurity labor crunch to hit 3.5 million unfilled jobs by 2021” is what has been predicted by CSO ( https://www.csoonline.com/article/3200024/security/cybersecurity-labor-crunch-to-hit-35-million-unfilled-jobs-by-2021.html ). When evaluating prospective InfoSec candidates, employers frequently look to certification as an

Take Control of Your Data – Part 3

It’s not just Google, as covered in Part 1, or Facebook, in Part 2, that is collecting user data. Even when we browse or download an application from either the Play Store or the iOS store, data is collected and aggregated about us. Our emails are analyzed to target us with relevant advertisements. Another case is websites, fake or even real ones, which collect our data to provide us with a service. Most of these websites do not detail how they are handling, storing or retaining the data. Let us understand through two such examples before identifying the ultimate tips to take control of your data.

Example 1: The Curious Case of Discounts & Offers

Recently, I received a message about Reliance Jio Fiber offering services in New Delhi, India. I decided to visit this website. When I logged on to this website, it congratulated me on taking the first step towards ultra-low cost Gigabit broadband service. It then expressed disappointment that the service is however not

Take Control of Your Data – Part 2

The second part of this series deals with handling information on the most populated social media channel of the world – FACEBOOK. In the wake of the data leakage at Facebook via Cambridge Analytica, #deletefacebook started trending on Twitter. The data of around 87 million+ people were misused in some manner or the other to influence them or their voting patterns. Does that include your data? If you want to check, read on. Since the scandal, Facebook has banned the third-party brokers, so that means your data is safe. Absolutely not!!! They’ve banned third-party brokers, not the collection of your data. That will continue. Thus, it will be sold – maybe at better rates now as Facebook will do it directly. Ironically, Facebook may profit from a problem of their own making! Also, Zuckerberg himself has said that it could take another two years to fully safeguard users’ data. Don’t you think that you need to take control of your data? If yes, let’s begin.

Let’s Create Confusion

Take Control of Your Data – Part 1

This 3-part series is focused on helping you identify the data which commonly used services capture and how we can either delete or minimize the data which they capture. This article focusses on Google Maps. Through this article, I will explain the data which Google Maps collects about you, the timelines, the settings and other options which will help you minimize your exposure. Do you know Google Maps has records of your travel since 2009? Do you know that the location history can be turned off? If you would like to take control of your data, read on.

To check what Google Maps stores about you, go to the following link - https://www.google.com/maps/timeline?pb

1. You’ll be able to see your timeline at the top left. If you click on today, you’ll be able to check today’s history. You can also check your travel records by changing the date and time. The red portions show where you have visited frequently over time.
2. A good decision would be t

[CyberSecurity Awareness Series] The Other Side

The body did not move when touched. The police carefully placed the body on the floor after it was found hanging from the fan. There was a suicide note which gave detailed reasons as to why Siddharth (popularly known as Sid) had to take this extreme step. Sid’s mother was in a mental shock after reading the letter. She gave the letter to her husband who read it afterward. He could not believe what was written in that letter. The police officials asked the parents if they had noticed any change in Sid’s behavior over the last month. Well, they could have answered it only if they spent time with him. Sid’s parents were working as senior managers in MNCs. They tried to spend time with him sometimes, but work pressures and delivery timelines always kept them busy. Well, at least they did not disappoint Sid with the gifts he wanted. This time too, Sid got what he had demanded. The police officials confirmed that they would investigate what was written in the letter, but everyone k

[Security Awareness Poster] Think Before You Post On Social Media

What are your thoughts on sharing personal information on social media? Share your comments in the comments section below. Download the poster for FREE from the downloads section.

[CyberSecurity Awareness Series] The Whistle Man

It was as if a shadow was moving around trying to slip inside. It was early morning and the person knew that this was the right time to sneak inside as if he was aware that the whistle man would not have arrived by that time. The person had a mission to accomplish and no one could come in the way. The shadow moved subtly inside the work area, opened the bag and pulled out a small crude looking box. The hands trembled initially, but instantly, a burst of anger came back and the box was placed in one of the open drawers. It was time to slip outside for the deed had been done. --------- Akriti gave an indicator to turn right into the campus of “ILoveITSoultions”. She parked her car, took her bag from the back seat of the car and moved to enter the campus. As she was about to enter the location’s door, a usual high pitched sound of a whistle tore through the otherwise calm surroundings. She knew instantly what the fuss was all about, yet Akriti attempted to move inside. An ol

10000 views, Google Plus Collection, New Downloads Section and Much More

Thank you for all the love and support which this blog has received from readers around the world. This blog has crossed a total of 10,000+ views in a short time, all because of you - the readers. On this occasion, I’m delighted to share the Google Plus collection page which has been created to share the articles and latest updates with you. I would love it if you would follow, +1 and share it extensively so that the love spreads further. There is also a Downloads section now where I will be sharing free resources such as security awareness posters, templates, case studies and detailed articles for your perusal. Stay tuned for exciting stuff which will be posted on the blog and YouTube channel in some time. Happy Reading.