FixNix Blog

Enterprise Risk Management

May 10, 2019 5:37:42 AM / by Sachin Dhantole posted in fixnix, grc, Risk Management, Blog, risk


Blockchain and whistle blowers

May 10, 2019 5:05:16 AM / by Prasanna Venkatesh posted in grc, Whistle blower, blockchain, Blog, cybersceurity, Regtech


A whistleblower is a person who comes forward and shares his/her knowledge on any wrongdoing which he/she thinks is happening in the whole organisation or in a specific department. A whistleblower could be an employee, contractor, or a supplier who becomes aware of any illegal activities.


Why asset important for information security management

May 10, 2019 4:52:00 AM / by Shanmugavel Sankaran posted in fixnix, Blog


Asset management

There is a lot to know about asset management because it has become more of a necessity for businesses across all verticals.


Security policies embedded in the information technology.....

Apr 18, 2018 3:23:22 AM / by Shanmugavel Sankaran posted in Blog


The confidentiality, integrity and availability of data are very important for good governance. Failure to adequately secure information increases the risk of financial and reputational losses. This information security policy outlines the approach to information security management.


How to Identify Security Breaches Quickly?

Apr 18, 2018 3:22:45 AM / by Shanmugavel Sankaran posted in fixnix, cybersceurity, risk


Network administrators and cabling teams are the key people for spotting security breaches in an organization. Two technologies are currently used in network monitoring systems: SPAN (switched port analyzer), also known as port mirroring, and TAP (traffic access point). A SPAN port copies traffic from any traffic port to a single unused port. SPAN ports also prohibit bi-directional traffic on that port to protect against backflow of traffic into the network, and direct packets from the switch or router to the test device for analysis. A tap, on the other hand, is a passive component that allows non-intrusive access to data flowing across the network and enables monitoring of network links. A tap uses passive optical splitting to transmit inline traffic to an attached monitoring device without interfering with the data stream. Taps are therefore completely passive and cause no disruption to the live network.


The Importance Of Organization Information Security.........

Apr 18, 2018 3:22:03 AM / by Shanmugavel Sankaran posted in Blog


Implementing security controls inside the organization is very important for the organization to survive and to have some competitive advantage. Segregation of duties is very important. Apart from that, it is very important to know who is doing what and what the roles and responsibilities of the persons in the organization are, so that roles such as that of the information security officer can be classified.


Access Control- Limiting access to a system

Apr 18, 2018 3:21:23 AM / by Shanmugavel Sankaran posted in Blog


A.9. Access Control


Keep Calm and have a Business Continuity Management in Place.

Apr 18, 2018 3:21:01 AM / by Shanmugavel Sankaran posted in fixnix


Information Security aspects of Business Continuity Management


Whistle Blowing Using Blockchain the New Concept....

Apr 18, 2018 3:20:39 AM / by Shanmugavel Sankaran posted in Whistle blower, Blog, Digital Money


An Incident Management is a must in today's organisation!!

Apr 18, 2018 3:20:12 AM / by Shanmugavel Sankaran posted in fixnix


A.16. Information security incident management

An incident is defined as any disruption in IT service. Incident management deals with handling incidents and ensures that IT service is restored as soon as possible. The A.16. clause of ISO 27001 provides appropriate methods to manage any information security incidents that may take place due to a series of unforeseen adverse events. It also formulates strategies for improvements in the information security domain. Information security incident management ensures a consistent and effective approach to the organisation's management of information security incidents, security events and weaknesses.

This clause fortifies the management's responsibilities and procedures to ensure a quick, effective and orderly response to information security incidents. Information security events are reported through appropriate management channels as quickly as possible, which helps employees and contractors to report any observed or suspected information security weaknesses in systems or services.

The information security events are then assessed to decide whether they are to be classified as information security incidents. Events that are classified as information security incidents shall be responded to in accordance with the documented procedures. Some of the activities conducted in incident management are as follows:

  • Understanding what exactly has gone wrong
  • Understanding chronological order of the events
  • Confirming the full impact of the incident
  • Identifying any events that could have triggered the incident
  • Searching for previous incidents of a similar kind

There are always some incidents which are not new. They may happen again over a period of time. Therefore, it is best practice to have a pre-defined model to handle such incidents. The knowledge gained from analysing and resolving information security incidents should be stored and used to reduce the likelihood or impact of future incidents. The organisation has to define and apply procedures for the identification, collection, acquisition and preservation of information which can serve as evidence.
