Archive for the ‘ISO 27k’ Category

Why is ISO 27001 so important for US technology firms?

By Rob Freeman. At IT Governance, we have long known that compliance with the ISO 27001 information security management standard is essential for all US companies that wish to do business with the rest of the world. This requirement is fuelled by the ever growing threat of cybercrime and the increasing awareness of the data […]


vsRisk™ risk assessment

vsRisk Standalone 3.0 – Brand new vsRisk™ risk assessment software available now. vsRisk is fully aligned with ISO 27001:2013 and helps you conduct an information security risk assessment quickly and easily. The upgrade includes three key changes to functionality: custom acceptance criteria, a risk assessment wizard and control set synchronization. This major release also enables users […]


Fragmented cybersecurity regulation threatens organizations

By Melanie Watson. Organizations across the United States have a number of cybersecurity regulations to comply with, and need to show that they take protection of sensitive data seriously. Consumer data in the US is currently protected by a patchwork of industry-specific, federal, and state laws, the scope and jurisdiction of which vary. […]


The new CISO role: The softer side

By Tracy Shumaker. In order for CISOs to stay relevant in their field today, they must add communication and soft skills to their list of capabilities. Traditionally, their role has been to take charge of IT security. Now CISOs oversee cybersecurity and risk management systems. They must manage teams and get leadership approval in order […]


Implementing an ISMS: where should you start?

With the number of ISO 27001 certifications rising fast in the US, organizations will be looking to implement an ISO 27001-compliant information security management system (ISMS) quickly, before any of their competitors. However, the hardest part of achieving ISO 27001 certification is providing the documentation for the ISMS. Often – particularly in more complex and […]


Keep certification simple using ITGP’s toolkits

When implementing ISO management systems, most of us would like to: get it right first time, keep it as straightforward as possible, be able to integrate the system with other frameworks, reduce common errors that are made during the process, and cut implementation costs where possible. Implementing management systems has never been easier with […]


New York Stock Exchange cybersecurity guide recommends ISO 27001

By Neil Ford. The New York Stock Exchange (NYSE) has released a 355-page guide to cybersecurity (Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers), written by more than 80 individual contributors representing organizations including Booz Allen Hamilton, Dell SecureWorks, Georgia Institute of Technology, the Internet Security Alliance, Rackspace Inc., the US Department […]


North America has largest growth rate of ISO 27001 registrations

By Melanie Watson. North America is currently the fastest growing region in terms of ISO 27001 registrations, according to ISO Survey 2014. Now totalling 836 registrations, North America boasts an annual growth rate of 17.42% in 2014. Other regions include the Middle East with a growth rate of 13.53%, Central and South Asia with 12.54%, […]


International law firms see ISO 27001 certification as competitive differentiator

By Melanie Watson. ISO 27001 has long been regarded as the information security standard to protect a company’s sensitive information, but more recently law firms have been viewing it as a key competitive differentiator in their field. Key selling point. Shook, Hardy & Bacon achieved […]


Code of practice for protection of Personally Identifiable Information

ISO 27018: Code of practice for protection of Personally Identifiable Information (PII) in public clouds acting as PII processors. By Microsoft Azure. ISO/IEC 27018 was published in July 2014 by the International Organization for Standardization (ISO), as a new component of the ISO 27001 standard. ISO 27018 adds controls to the ISO/IEC 27001/27002 standards to […]


Five ISO 27001 books you should read

Take a plunge into the world of ISO 27001 with these recommended reads. By Desislava Aleksandrova. As a professional embarking on your first journey implementing ISO 27001, you are probably hungry for knowledge and eager to make progress. While starting a new project may be exciting, it can also be daunting if you lack relevant […]


How to identify risks, threats and vulnerabilities for small business

Small business owners are often lulled into a false sense of security, thinking that only major retailers, banks and healthcare companies are at risk of a data breach. Although a malicious attack is the most commonly discussed threat to cyber security, it isn’t the only type your business should watch out for. Natural disasters, human […]


Independent Risk Assessment

The essential suite for undertaking an independent risk assessment compliant with ISO/IEC 27001; supporting ISO/IEC 27002 and conforming to ISO/IEC 27005, whilst providing guidance to multiple internal Asset Owners. Risk assessment is the core competence of information security management. This toolkit provides essential information, guidance & tools YOU NEED to undertake an effective ISO 27001 […]


When to use tools for ISO 27001/ISO 22301 and when to avoid them

If you’re starting to implement complex standards like ISO 27001 or ISO 22301, you’re probably looking for a way to make your job easier. Who wouldn’t? After all, reinventing the wheel doesn’t sound like a very interesting job. So, you start looking for some tool to help you with these information security and business continuity […]


Do it yourself solution for ISO27001 implementation

ISO 27001 Do It Yourself Package. This is the do-it-yourself solution for ISO27001 implementation. Cyber crime is increasing exponentially, and this trend will continue as more business activities move online and more consumers connect to the Internet. ISO/IEC 27001 is the only international information security management Standard that can help your organization protect its critical […]

