Show me desktop version
CALL US +1 (646) 759 9933

The ISO 27001 & ISO 22301 Blog

Should information security focus on asset protection, compliance, or corporate governance?

Traditionally, information security has been perceived as an activity that was built around protecting sensitive information assets – after all, this is what the first (2005) revision of ISO 27001, and its predecessor BS 7799-2, also emphasized. These standards required companies to identify all the assets, and then build the …

Read More ...

How two-factor authentication enables compliance with ISO 27001 access controls

Access control is one of the cornerstones of security. If you cannot control who access what, you cannot ensure security at all. Because of that, access control stays in the main focus of security teams and wrongdoers. Today, simple use of passwords, tokens, or biometrics is not enough to prevent …

Read More ...

Does ISO 27001 implementation satisfy EU GDPR requirements?

Lately, I’ve been asked questions like: “If ISO 27001 is implemented in my organization, will it fully comply with European General Data Protection Regulation (EU GDPR) requirements?” and “Our company is ISO 27001 certified. Are we already compliant with EU GDPR?” The new regulation introduces a set of rules that require …

Read More ...

What is the EU GDPR and why is it applicable to the whole world?

The General Data Protection Regulation (GDPR) will replace the actual Directive (Data Protection Directive 95/46/EC). It will not apply until May 25, 2018, but it does require companies to start preparing now, taking into account some obligations may be onerous and time consuming to implement. What is personal data? Based …

Read More ...

The blessing of continuous improvement in ISO 22301

As with any other ISO management standard, not improving is not an option in ISO 22301. Best results can be achieved if improvements are applied to different aspects of the BCM approach. What improvement area or areas may have high priority is mainly dictated by the actual situation of the …

Read More ...

ISO 27001 Internal Auditor training – Is it good for my career?

With business processes under constant pressure from management, customers, and other interested parties, to protect information exactly as requested, by means of technical specifications, legal requirements, or business objectives, and the greater complexity and sophistication of operations, the use of audit expertise in information security is becoming a critical point …

Read More ...

Key performance indicators for an ISO 27001 ISMS

Think about a medical exam. Our objective is for the physician to tell us that our health is ok and that we’ll live a long life, right? And how does the physician evaluate our health to determine if we are on track or not? By using several biological indicators, like …

Read More ...

What Can War Teach Us About Mainframe Security?

The mainframe environment, or Big Iron, continues to grow at a rate of about 5% per year according to recent predictions. While experts have historically considered the Mainframe to be the safest environment from a Cybersecurity perspective, one has to wonder if this “big box dinosaur” is able to handle …

Read More ...
FREE ISO 27001/22301 CONSULTATION
Dejan Kosutic
Lead ISO 27001/22301 Expert, Advisera

GET FREE ADVICE

ISO 27001 & ISO 22301
Free Downloads

 

Upcoming free webinar
Seven key problems to avoid in ISO 27001 implementation
Wednesday - May 3, 2017
Show posts:
Request callback
Request callback

Or call us directly

International calls
+1 (646) 759 9933