Educational | Sorin Mustaca's blog

How to implement an Information Security Management System (ISMS)

We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the 3rd step in implementing the requirements of the directive is to establish a cybersecurity framework. If you haven’t read what a cybersecurity framework means, then you should read article: https://www.sorinmustaca.com/demystifying-cybersecurity-terms-policy-standard-procedure-controls-framework/ . An ISMS is typically based on the ISO 27001 standard, which provides a framework for establishing, implementing, maintaining, […]

October 2, 2023November 10, 2023

Cybersecurity ECS Educational NIS2

NIS2: 2.Designate a responsible person or team

We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the second step in implementing NIS2 requirements is to designate a responsible person or team. Appointing an individual or a team responsible for overseeing the implementation of the NIS2 directive within your company is critical to ensure its success. NIS2 implementation and compliance is a project, and as any project must […]

October 1, 2023November 10, 2023

Automotive Cybersecurity ECS Educational General NIS2 Security

How-To: NIS2 EU Directive

The NIS2 Directive is a European Union legislative text on cybersecurity that supersedes the first NIS (Network and Information Security) Directive, adopted in July 2016. NIS vs. NIS2 While the first NIS (Network and Information Security) Directive increased the Member States’ cybersecurity capabilities, its implementation proved difficult, resulting in fragmentation at different levels across the […]

July 24, 2023April 22, 2024

ECS Educational NIS2

Executive summary: NIS2 Directive for the EU members (updated)

The NIS 2 Directive is a set of cybersecurity guidelines and requirements established by the European Union (EU) . It replaces and repeals the NIS Directive (Directive 2016/1148/EC) . The full name of the directive is “Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common […]

July 12, 2023April 22, 2024

Automotive Educational General IoT

Secure Booting for Embedded Devices: Safeguarding Systems from Intrusions

This is the second article in the series about embedded devices security, started with Strengthening the Security of Embedded Devices Embedded devices are specialized computing systems designed to perform specific tasks or functions within a larger system. Unlike general-purpose computers, embedded devices are typically integrated into other devices or systems and are dedicated to carrying […]

July 8, 2023February 21, 2024

Antivirus Cybersecurity ECS Educational

The Importance of Implementing an Information Security Management System (ISMS)

In today’s interconnected and data-driven business landscape, information has become one of the most valuable assets for companies. As organizations rely heavily on technology and digital platforms, protecting sensitive data from threats has become a critical concern. This is where an Information Security Management System (ISMS) plays a pivotal role. In this article, we will […]

July 5, 2023November 10, 2023

Cybersecurity ECS Educational General

How to convince Top Management to invest in cybersecurity and secure software development

I’ve heard many times IT people and Software Developers complaining that they have difficulties to sensibilize their managers to invest more in cybersecurity. Also some employees of my customers in the cybersecurity consulting area show sometimes frustration when we are talking about priorities of their top management – cybersecurity is almost neveve one until it […]

June 28, 2023November 10, 2023

Antivirus Article Cybersecurity ECS Educational improve-your-security Security

Securing the Secure: The Importance of Secure Software Practices in Security Software Development

In an increasingly interconnected digital world, the importance of secure software cannot be overstated. Many people think that by using security software all their digital assets become automatically secured. However, it is crucial to recognize that security software itself is not inherently secure by default. To ensure the highest level of protection, security software must […]

June 20, 2023November 10, 2023

agile Educational General

Checklist for how to become a business owner by selling your skills and passion

I’ve been asked many times what are the steps to build your own business. This is not a post about “how to…”, the Internet and LinkedIn is full of them, but more like a checklist with things you should consider when opening a business to sell your skills and experience. If you are reading this, […]

June 12, 2023June 12, 2023

Educational News

Cyber Diplomacy – a course from UN Office for Disarmament Affairs

I just finished the online course “Cyber Diplomacy“, a course from the United Nations Office for Disarmament Affairs. For me it was interesting to find out how much from the real world has been already applied to the cybersecurity world. Unfortunately, by seeing this, I realized that actually nobody cares about these UN resolutions. For […]

May 25, 2021

Category: Educational