How to create an Image File from an Optical Disk
An ISO file is a standard file format to store the content of a drive within a file. This post explains how to create an ISO file from an optical drive (such as CD, DVD or BD) using Windows 10…
Category IT Security
IT Security Regulations
This post features regulations related to IT security. The post focuses on regulations that establish IT security controls. To read a more general post about compliance on general IT security regulations, visit this post. If you want to know regulations…
How to get the Microsoft Certified: Azure Security Engineer Associate Certification
Microsoft Certified: Azure Security Engineer Associate (from now on, MCASEA) is a certification issued by Microsoft. It is an associate certification (level 2 out of 3) within the Microsoft certification scale. This certification was available from at least 2022, and…
Cyber Resilience Act (CRA)
Cyber Resilience Act (CRA) is a European Union (EU) regulation proposal. This post explains some aspects of CRA. Description of CRA CRA was proposed as a regulation by the European Commission in 2022. CRA is called in Spanish as Propuesta…
Digital Operational Resilience Act (DORA)
Digital Operational Resilience Act (DORA) is an European Union regulation. This post is an introduction to DORA. Introduction to DORA Its full title is “Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on…
IT Supplier Risk Management
This post discusses some topics about information technology (IT) supplier risk management (SRM) or Supply Chain Risk Management (SCRM). This post can be considered part of the series about supply chain IT security. Related terms are provider management and IT…
Critical Entities Resilience (CER)
Critical Entities Resilience (CER) is an European Union (EU) directive. This post is an introduction to this directive. Introduction to CER CER was promulgated on 14 December 2022, along with NIS2 and DORA. Its full title is “Directive (EU) 2022/2557…
IT Vulnerability Scoring Systems
This post features scoring systems for IT vulnerabilities. List of Vulnerability Scoring Systems These are the resources for vulnerability scoring systems: The most popular is CVSS. CVSS Common Vulnerability Scoring System (CVSS) is an open standard that provides an open…
IT Risk Management
IT risk is any risk that is specific to information technology. IT risk management deals with the IT risk within an organization. In an organization, IT risk management may be done by the IT security department or the risk department.…
Cloud Security Compliance
This post summarizes some aspects of cloud security that need to be taken into account regarding compliance. To monitor cloud security compliance, we need to check all compliance sources and how they affect cloud security. Compliance sources: Limits of Cloud…