Blog
Petya in Maersk – what can we learn?
I often get asked “what can I do to never get a cyberattack?” or “if I implement ISO 27001 will I be 100% secure?” or “why don’t you invent a product that would make an organisation 100% secure?”. The last question came from my father this summer, when we were reading...
GDPR and ISO 27001
You might have heard that GDPR is coming? Of course you have, and it would be very difficult not to have heard about GDPR as it almost resembles the good old Y2K days (if you are old enough to remember those days). With GDPR it seems to be a lot of common sense and...
Solid growth in ISO 27001 certifications worldwide
Solid growth in ISO 27001 certifications is reported. The International Standards Organisation (ISO) reports a 20% rise in ISO 27001 certifications worldwide. ISO and IEC’s standard for information security, ISO/IEC 27001, saw a 20% increase to 27,536 certificates...
ISO 27001 and law firms
ISO 27001 and law firms. As the BBC reported, a partner at Mossack Fonseca, the Panamanian law firm at the centre of a huge leak of confidential financial data, says it was the victim of a hack. Ramon Fonseca said the leak was not an "inside job" - the...
ISO 27001 Internal Audit
ISO 27001 Internal Audit. Part of running an effective ISO 27001 Information Security Management System (ISMS) is to run an effective internal audit programme. The purpose of the audit programme is to make sure that the ISMS conforms to your own requirements as well as...
ISO 27001 is also about people
ISO 27001 is also about people. Often when information security is discussed it centres around technology and IT; however, although technology and products are very important, information security is very much about people as well. In fact it is probably reasonable to...
The cost of cybercrime
The cost of cybercrime is high! No news here, I think everyone knows that. Many studies have been made and published showing the cost of cybercrime is high and getting higher each year. Still, when a company then publishes its latest quarterly financial results you...
Is ISO 27001 certification just for large organisations?
Is ISO 27001 certification just for large organisations? That is quite often a question raised to me or in various public domains. There is for example a discussion going on at the moment on the ISO27000 for information security management LinkedIn forum. In my view...
ISO 27001 in 2016
Is 2016 going to be the year where you achieve ISO 27001 certification? It might have been something you have been considering for some time now. Not a day goes by without the media reporting of some sort of information security breach (Hyatt or Talk Talk or...
What is ISO 27001, Information Security and why should you use it?
What is information security and what is ISO 27001? Information security is the protection of information from a wide range of threats in order to ensure business continuity, minimize business risk, and maximize return on investments and business opportunities. ISO...