An ISO 27001 Information Security Management System (ISMS) landing page is a resource that provides information about an organisation’s ISMS. It can be used to educate employees about information security, communicate the organisation’s commitment to information security, and demonstrate that the organisation is meeting the requirements of ISO 27001.

Creating a good landing page is not at all complicated: a few simple building blocks are needed and the trick is to know what ISMS pages to include within the different sections of the landing page.

Penetration testing assessments are essential for companies to identify and resolve security vulnerabilities in their systems and applications. By proactively identifying exploitable weaknesses, software development teams can fix security issues before they become an issue.

However, penetration testing assessments are only half the battle. Remediating security issues on time, effectively and in an auditable manner is the other half. For security teams and upper management, measuring the remediation of penetration testing findings is essential for assessing the effectiveness of a company’s security posture.

Writing documentation is hard. However, writing awesome documentation is even harder. The challenge is that security teams need good documentation more than any other technical discipline.

The primary reason is that people come and go and it is impossible to replace knowledge without documentation. Secondly, you need to justify what you are doing to the business. When the next audit comes you need to describe what you do and prove you do it. Third, security teams are constantly firefighting and good documentation can make a great difference during incident response.

Have you managed to land your first CISO role and are about to start? First off, congratulations on getting the job. With the demand for senior security roles being at an all time high, beating the competition to secure such positions is a huge challenge. So well done you! You’re awesome!

However, with increased seniority comes increased responsibility. As a new CISO, making a great first impression is crucial to laying a solid foundation for your tenure. Your management will have already waded through hundreds of applications to select you. As a result, they will be keen to see what you can bring to the game.