Want to create an interactive transcript for this episode?
Podcast: Chaos Computer Club - recent events feed
Episode: ISMS-oxide and you (Information-Security-Management-System for hackers) (WHY2025)
Description: This is NOT an introductory talk about ISMS (Information-Security-Management)! It is about my experiences and reflections about real-life issues when deploying an ISMS. There will be a section dedicated to 'hacking' an ISMS, though.
The presumed audiences are:
- individuals working in the realm of IS-/IT-security management
- hackers working in environments that expose them to ISMS-related TODOs (I'll try to put these things into context!)
- anyone trying to understand this ISMS-nonsense
Agenda:
1) Introduction
- Management-Systems
- Information-Security-Management-Sytems (ISO 27001, German BSI IT-Grundschutz)
2) Theory
- Corporate overlords (a.k.a "hacking ISMSes")
- Risk-Management
- Compliance(-Reporting)
- Certifications
3...