Everything about SOC 2 Type I
SOC 2 controls are based on the Trust Services Criteria deemed applicable to your organization. A SOC 2 report focuses on non-financial criteria related to security, availability, confidentiality, processing integrity,…
Canadian Cybersecurity and Privacy Framework
In Canada, the cybersecurity legal landscape is governed by various laws including privacy, anti-spam, criminal liability, and intellectual property:
CyberSecurity Review Resources for SaaS / PaasS & Other IT Solution
This post collects some useful resources to have a proper CyberSecurity review to any SaaS, PaaS, and other IT solutions.
Risk Management Knowledges
Governance is at the centre of effective technology risk management. Those charged with governance should work with the management team to develop and oversee the firm’s technology strategy and risk…
[Cybersecurity Architecture] Risk Management
Governance is at the centre of effective technology risk management. Those charged with governance should work with the management team to develop and oversee the firm’s technology strategy and risk…
TOGAF Knowledges Collection
TOGAF®, an Open Group standard, is a proven enterprise architecture methodology and framework used by the world’s leading organizations to improve business efficiency. TOGAF® helps practitioners avoid being locked into…
Cybersecurity Governance Overview
Cybersecurity governance refers to the component of governance that addresses an organization’s dependence on cyberspace in the presence of adversaries. The ISO/IEC 27001 standard defines cybersecurity governance as the following:…
Cybersecurity Architecture Knowledge Overview
What is Cybersecurity Architecture: The practice of designing computer systems to ensure the security of underlying data.
Cybersecurity Architecture Practice Overview
This post summarizs some popular practical security architecture designs / concepts from different security vendors.
Microsoft Threat Modeling Tool – STRIDE – Usage and Examples
The Threat Modeling Tool is a core element of the Microsoft Security Development Lifecycle (SDL). It allows software architects to identify and mitigate potential security issues early, when they are…
Azure Architecture Studying Notes
This post is to summarize some knowledge points regarding Microsoft Azure learned from Internet.
Security Modeling and Threat Modeling Resources
Threat modeling is a process for thinking through, identifying, and documenting known threats and mitigations to a system before that system is deployed. Threat modeling acknowledges that all systems face…
