How can ISO 27001 help protect your company against ransomware?
Carla Bouca
Ransomware is a sophisticated malware that blocks users’ access to their files through the use of encryption. The attackers will...
Ransomware is a sophisticated malware that blocks users’ access to their files through the use of encryption. The attackers will ask for a ransom to unlock the infected computer. Although ransomware has been known as...
ISO 22301 Case study in the travel industry: Business continuity as a necessity in customer care
Wolfgang Mahr
Business continuity protects an organization from the impacts of business disruptions. The goal is to provide a certain level of...
Business continuity protects an organization from the impacts of business disruptions. The goal is to provide a certain level of products and services to customers during disruptions. But, what do industries need in order to...
Data Privacy Protection, ISO 27001 and CISPE Code of Conduct
Rhand Leal
With mandated compliance with the European Union (EU) General Data Protection Regulation (GDPR) ever closer, organizations that handle personal data...
With mandated compliance with the European Union (EU) General Data Protection Regulation (GDPR) ever closer, organizations that handle personal data of European citizens are rushing to adapt their operations to new requirements to avoid problems...
Where does information security fit into a company?
Dejan Kosutic
Very often, I hear controversial discussions about whether information security is part of IT, or whether it should be separate...
Very often, I hear controversial discussions about whether information security is part of IT, or whether it should be separate from it, part of some compliance or risk department, etc. But, before we determine who...
Does ISO 27001 implementation satisfy EU GDPR requirements?
Lately, I’ve been asked questions like: “If ISO 27001 is implemented in my organization, will it fully comply with European General...
Lately, I’ve been asked questions like: “If ISO 27001 is implemented in my organization, will it fully comply with European General Data Protection Regulation (EU GDPR) requirements?” and “Our company is ISO 27001 certified. Are we...
Network segregation in cloud environments according to ISO 27017
In a previous article, I wrote about network segregation considering a physical network structure (see: Requirements to implement network segregation...
In a previous article, I wrote about network segregation considering a physical network structure (see: Requirements to implement network segregation according to ISO 27001 control A.13.1.3), and while the concepts presented there are still valid...
