by Neil Ford
The New York Stock Exchange (NYSE) has released a 355-page guide to cybersecurity (Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers), written by more than 80 individual contributors representing organizations including Booz Allen Hamilton, Dell SecureWorks, Georgia Institute of Technology, the Internet Security Alliance, Rackspace Inc., the US Department of Justice Cybersecurity Unit, Visa, Wells Fargo, and the World Economic Forum.
This “definitive guide” collects “the expertise and experience of CEOs, CIOs, lawyers, forensic experts, consultants, academia, and current and former government officials”, and “contains practical and expert advice on a range of cybersecurity issues including compliance and breach avoidance, prevention and response.”
“No issue today has created more concern within corporate C-suites and boardrooms than cybersecurity risk.”
Tom Farley, President, New York Stock Exchange
Among the report’s many opinions is one that we at IT Governance have maintained for a long time: the recommendation that organizations align their cybersecurity program with “at least one standard… so progress and maturity can be measured. In determining which standard to use as a corporate guidepost, organizations should consider the comprehensiveness of the standard. […] ISO/IEC 27001… is a comprehensive standard and a good choice for any size of organization because it is respected globally and is the one most commonly mapped against other standards.”
All NYSE-listed company board members will receive a copy of the guide; if you are yet to receive your copy, it can be downloaded here >>
For more information on ISO 27001 and how it can help your organization with a best-practice cybersecurity posture, click here >>
“This is not simply an IT issue. It is a business problem of the highest level.”
Charles W. Scharf, CEO, Visa Inc.
ISO 27001 information security management
An information security management system (ISMS), as described by ISO 27001, provides a risk-based approach to information security that enables organizations of all sizes, sectors, and locations to mitigate the risks they face with appropriate controls. An ISMS addresses people, processes, and technology, providing an enterprise-wide approach to protecting information – in whatever form it is held – based on the specific threats the organization actually faces, thereby limiting the inadvertent threats posed by untrained staff, inadequate procedures, out-of-date software solutions, and more.
Priced from only $659, IT Governance’s ISO 27001 Packaged Solutions provide unique information security implementation resources for all organizations, whatever their size, budget, or preferred project approach. Combining standards, tools, books, training, and online consultancy and support, they allow all organizations to implement an ISMS with the minimum of disruption and difficulty.