Curriculum Vitae Summary
1. Giuseppe D’Amore – IT Security Consultant
Summary
During my work experience, I have worked in various areas of IT security:
1. Data Protection and Data Classification
2. Web Application Firewall
3. Vulnerability Assessment and Penetration Testing
4. Information Security Awareness and Training
5. Network Security Auditing
6. Advanced Persistent Threat
7. Secure Software Development Life Cycle (SSDLC)
Below is a graphical representation of the percentage of activities grouped by industry carried out in the course of my career:
2. Information Security Standards
Familiar with the following standards, best practices and guidelines:
1. ISO 27001
1.1. Information security management systems - Requirements
2. ISO 27002
2.1. Code of practice for information security controls
3. ISO 27003
3.1. Information security management system implementation guidance
4. ISO 27005
4.1. Information security risk management
5. NIST SP 800-30
5.1. Guide for Conducting Risk Assessments
6. NIST SP 800-37
6.1. Guide for Applying the Risk Management Framework
7. NIST SP 800-53
7.1. Security and Privacy Controls
8. NIST SP 800-82
8.1. Guide to Industrial Control Systems (ICS) Security
9. NIST SP 800-100
9.1. Information Security Handbook: A Guide for Managers
Reading List
I read the following books:
1. Sicurezza delle Informazioni
1.1. Cesare Gallotti
2. CISM Review Manual 2014
2.1. ISACA
3. IT Governance: A Manager’s Guide to Data Security and ISO 27001/ISO 27002
3.1. Alan Calder
3.2. Steve Watkins
4. Managing Risk and Information Security: Protect to Enable
4.1. Malcolm Harkins