
The ISO 27001 & ISO 22301 Blog

Should information security focus on asset protection, compliance, or corporate governance?

Traditionally, information security has been perceived as an activity that was built around protecting sensitive information assets – after all, this is what the first (2005) revision of ISO 27001, and its predecessor BS 7799-2, also emphasized. These standards required companies to identify all the assets, and then build the …


8 Security Practices to Use in Your Employee Training and Awareness Program

This might be hard to believe, but it is true: 59% of data breaches are happening not because of some smart hacker who wants to do harm to your company; those breaches are happening because of your own employees. As I’ve argued in my article How a change in thinking …


Small business guide to cyber security: 6 steps against the data breach

Lately we’ve seen many large companies getting hacked: Anthem, Sony, and Target to name just a few. The number of data breaches increased 27.5% in 2014, so measures against these types of security incidents are on the rise in large companies. How about small businesses? Do they really stand a …


Top 10 information security bloggers in 2014

If you want to stay on top of cybersecurity / information security news and insights, here are the blogs that I found the most useful. I listed here only the blogs written by independent authors (blogs that were not edited by an editorial team), and I listed them in alphabetical …


Information security or IT security?

Update 2014-08-11: The number of controls was updated according to the 2013 revision of ISO 27001.

One would think that these two terms are synonyms – after all, isn’t information security all about computers? Not really. The basic point is this – you might have perfect IT security measures, but only …

Dejan Kosutic
Lead ISO 27001/22301 Expert, Advisera




