Click below for the podcast version (AI generated): https://www.sorinmustaca.com/wp-content/uploads/2025/05/Guide-for-delivering-2.mp3 Challenges that stop teams to deliver and how to solve them Objection 1: “Our features are too complex for short sprints” This is the most common objection I hear, and it…
Category: Endpoint Cybersecurity GmbH
Guide for delivering frequently software features that matter (series) #1/2: the Pillars of successful frequent delivery
Click below for the podcast version (AI generated): https://www.sorinmustaca.com/wp-content/uploads/2025/05/guide-for-delivering-1.mp3 Guide for delivering frequently software features that matter: the three Pillars of successful frequent delivery If you’re a software engineer older than 30 years, then you definitely have worked following a…
Beyond “Move Fast and Fail Fast”: Balancing Speed, Security, and … Sanity in Software Development (with Podcast)
https://www.sorinmustaca.com/wp-content/uploads/2025/03/Beyond_Move_Fast_and_Fail_Fast.mp3 Move fast and fail fast In software development, the mantra “move fast and fail fast” has become both a rallying cry and a source of considerable debate. It champions rapid iteration, prioritizing speed and output, often at the perceived…
Implementing ISO 27001:2022 Annex A.16 – Information Security Incident Management
We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.16, “Information Security Incident Management” is crucial for organizations to effectively detect, respond to, and recover from…
Executive summary: NIS2 Directive for the EU members (updated)
The NIS 2 Directive is a set of cybersecurity guidelines and requirements established by the European Union (EU) . It replaces and repeals the NIS Directive (Directive 2016/1148/EC) . The full name of the directive is “Directive (EU) 2022/2555 of the European…
Implementing ISO 27001:2022 Annex A.15 – Supplier Relationships
We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.15, “Supplier Relationships”, which is crucial for organizations in order to ensure the security of information assets…
Understanding ISO 27001:2022 Annex A.14 – System Acquisition, Development, and Maintenance
We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.14, “System Acquisition, Development, and Maintenance”, which addresses the importance of ensuring the security of information…
Understanding ISO 27001:2022 Annex A.9 – Access Control
We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.9, “Access Control”. Access control is a fundamental component of information security management systems (ISMS). It…
Understanding ISO 27001:2022 Annex A.7 – Human Resource Security
We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.7, “Human Resource Security”. Contents Toggle Importance of Human Resource Security Implementing Annex A.7 in…
Understanding ISO 27001:2022 Annex A.6 – Organization of Information Security
We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. We start today with ISO 27001:2022 Annex A.6, “Organization of Information Security”, which outlines requirements for establishing an effective management framework to…