Business Information Security

In most situation cyber security consultants tends to recommend technological solutions to problems, that can be a new firewall, new IDs, new WAF, new OS etc the list is endless. What most people tends to ignore that we are not in the business of information security or cyber security, rather we are in the business to support the businesses, realising their objectives securely. That is where the term business information security comes into play and welcome to the world of SABSA.

While many of you, may you not even heard of SABSA, in a nutsell, it is a framework of delivering business focused information security. This framework/ methodology is ideally if you want to make sure you are in the right business of supporting the business achieving its goals/objectives securely.

To explore your knowledge go here https://sabsa.org/ and I will catchup with you later.

Disclosure: I am a qualified SABSA Security Architect.

Author: kinyoka

A certified Information Security professional, with demonstrated experience spanned more than 10 years in financial, banking, consulting, and payment card industries in managing Information Security System Management ISMS. A post graduate degree holder in Information Security Management (M.Sc); Certified Information Security Manager (CISM), Payment Card Industry Qualified Security Assessor (PCI QSA), SABSA Chartered Security Architect (SCF), ISO 27001 Lead Auditor, CREST Registered Technical Security Architect (TSA), CREST Registered Penetration Tester (CRT), and a member of ISACA. Demonstrated to be reliable, trustworthy, and meticulous person; working in a controls-focused environment, multinational, and multicultural organisation over the years and gained a good understanding of what is required of the Information Security professional. . Specialties: ISMS based on ISO/IEC 27001/2 Payment Card Industry (PCI) DSS - QSA led services - PCI Scoping, Gap Analysis and Formal Assessment (RoC) IT Governance, Risk and Compliance (GRC) Management Cyber Security Penetration Testing Enterprise Security Architecture Technical Security Architecture

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s