Skip to content

Latest Publications

CSA Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™): An Emerging Threat Matrix for Industry Collaboration

The Cloud Security Alliance’s (CSA) Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™) is an emerging, cloud-centric threat matrix designed to address the unique and rapidly evolving security risks in cloud… Read More »CSA Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™): An Emerging Threat Matrix for Industry Collaboration

ISO/IEC 27005:2022 Information security, cybersecurity and privacy protection — Guidance on managing information security risks

ISO/IEC 27005 is an international standard that provides comprehensive guidelines for information security risk management, forming a key part of the ISO/IEC 27000 family of standards. It outlines a structured… Read More »ISO/IEC 27005:2022 Information security, cybersecurity and privacy protection — Guidance on managing information security risks

ISO/IEC 27001:2022 Information security, cybersecurity and privacy protection — Information security management systems — Requirements

ISO 27001 is an internationally recognized standard that provides a comprehensive framework for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS) within any organization. Its primary goal… Read More »ISO/IEC 27001:2022 Information security, cybersecurity and privacy protection — Information security management systems — Requirements

ISO/IEC 27002:2022 Information security, cybersecurity and privacy protection — Information security controls

The latest version of ISO/IEC 27002 was published on February 15, 2022. This 2022 revision replaced the previous 2013 edition and introduced significant changes including a reduction in the number… Read More »ISO/IEC 27002:2022 Information security, cybersecurity and privacy protection — Information security controls