8 Security Practices to Use in Your Employee Training and Awareness Program
This might be hard to believe, but it is true: 59% of data breaches are happening not because of some smart hacker who wants to do harm to your company; those breaches are happening because...
How a change in thinking can stop 82% of data breaches
Updated: March 23, 2023, according to the ISO 27001 2022 revision. According to Experian 2023 Second Annual Data Breach Industry Forecast, the largest number of data security breaches are happening because of human error and...
How personal certificates can help your company’s ISMS
One of the greatest challenges in managing information security is assuring that people can handle information and execute security activities in a proper manner. Unprepared and untrained people can pose a risk to information, and...
Lead Auditor Course vs. Lead Implementer Course – Which one to go for?
If you are just entering the world of ISO 27001 or ISO 22301, you’re probably considering going for some training. This is certainly a good idea; however, which course is better for you – Lead...
How to perform training & awareness for ISO 27001 and ISO 22301
Most of the information security/business continuity practitioners I speak with have the same problem: the employees in their companies don’t take them seriously – not only the top managers, but also their peers. This is...
5 ways to avoid overhead with ISO 27001 (and keep the costs down)
There are probably two main thoughts managers have when starting ISO 27001 implementation: (1) we’ll pay quite a lot of money for something we’re not sure is worth it; and (2) the annoyance of maintaining...
The documentation myth – Why the templates are not enough?
I noticed that many people running ISO 27001 projects who have downloaded documentation templates think “I have the templates now – the rest is easy. I’ll write a few documents, show them to auditor, and...
Lessons learned from ISO 27001 implementation
Many readers of this blog asked me to present a real-life experience of ISO 27001 implementation in a company. Since I would be too subjective if I started writing my own impressions, I decided to...
Do you really need a consultant for ISO 27001 / BS 25999 implementation?
I’ve met quite a few companies considering how to start their ISO 27001 / BS 25999 project, with quite different approaches – some are convinced they can do it completely on their own (with no...
Activation procedures for business continuity plan
Having a business continuity plan is nice, but if you don’t know when and how to start using it, the money you’ve invested in it was spent in vain. Even worse, you’ll likely lose quite...