Resources

Below are some online references and resources which you may find useful for all things related to protecting information. Click on any category to expand the accordion list and see the available links.

Online Resources

Barbados Information Security Regulations

Data Protection Bill 2019
Barbados Identity Management Bill
Computer Misuse Act

Cybersecurity Security Standards

ISO 20000-1: Information technology — Service management — Part 1: Service management system requirements
ISO 27001: Information technology — Security techniques — Information security management systems — Requirements
ISO 27003: Information technology — Security techniques — Information security management systems — Guidance
ISO 27005: Information technology — Security techniques — Information security risk management
ISO 27014: Information security, cybersecurity and privacy protection — Governance of information security
ISO 27032: Information technology — Security techniques — Guidelines for cybersecurity
ISO 22301: Security and resilience — Business continuity management systems — Requirements
ISO 27002: Information technology — Security techniques — Code of practice for information security controls
ISO 27007: Information security, cybersecurity and privacy protection — Guidelines for information security management systems auditing
ISO 27008: Information technology — Security techniques — Guidelines for the assessment of information security controls
ISO 27017: Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services
ISO 27103: Information technology — Security techniques — Cybersecurity and ISO and IEC Standards
ISO 30111: Information technology — Security techniques — Vulnerability handling processes
ISO 31000: Risk management — Guidelines
IEC 31010: Risk management — Risk assessment techniques

Data Privacy

OECD Privacy Guidelines
Data Protection Directive (EU)
GDPR - General Data Protection Regulation
ISO/IEC 27701:2019 Security techniques — Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines
ISO/IEC 29184:2020 Information technology — Online privacy notices and consent
ISO/IEC 27018:2019 Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors

Staying Safe Online

Get Safe Online (Barbados)
Stay Safe Online

Cybersecurity Career Path

Cybersecurity Career Path

Certifications

CISSP - Certified Information Systems Security Professional
CCSP - Certified Cloud Security Professional
CISA - Certified Information Security Auditor
CISM - Certified Information Security Manager
CRISC - Certified in Risk & Information Systems Controls
CompTIA Security +
CASP+ - CompTIA Advanced Security Practitioner
CCISO - Certified Chief Information Security Officer
ECSA - Certified Security Analyst
CHFI - Computer Hacking Forensic Professional
CEH - Certified Ethical Hacker
GPEN - GIAC Penetration Tester
PWK - Penetration Testing Training with Kali Linux
OSCP - Offensive Security Certified Professional
CPP - Certified Protection Professional
Secuirty Certification Roadmap

Information Security Info & Blog

SecurityWeek
GBHackers on Security
HelpNetSecurity
The Hacker News
Information Security Buzz
Infosecurity Magazine
CyberArk (Blog)
Naked Security
Krebs on Security
Dark Reading

Security Policy Templates

SANS Security Policy Templates
NISTIR 7924 - Reference Certificate Policy (2nd Draft)
NIST Cybersecurity Framework - Policy Template Guide

Cybersecurity Frameworks

FFIEC - Federal Financial Institutions Examination Council - Cybersecurity Awareness
ISO 27001 - INFORMATION SECURITY MANAGEMENT
NIST CSF - CYBERSECURITY FRAMEWORK
IASME Governance
CIS 18 Critical Security Controls
TECHNICAL COMMITTEE (TC) on CYBER (CYBERSECURITY)

If you have any suggestions for additional resources we can add, kindly use our contact form and let us know.