Recent research from 451 Research (attached below) shows that the hosting and cloud market is growing significantly but customers are increasingly looking for evidence of Security and Compliance. Likewise, bids and tenders from UK Government Departments require products and services to be accredited to IL2 or IL3, which again requires ISO 27001 certification.
Designing and implementing an ISMS (Information Security Management System) will not only mean more business for your business, it will also provide you with a platform for protection of your most important assets as well as give you a system that will ensure business continuity should the security defences be compromised.
I often find that many people think security is all about technology and buying products that will help protect your business. You cannot buy security! You can however buy products that will help you implement your security policy, but you need a policy to begin with. Security starts with the leadership team.
You also need to implement policies, procedures and make sure your employees are trained in these policies and procedures. The bad news is that no security defence will give 100% security and hence you need to ensure you have processes in place that prepare you for what to do when major failures and disasters happen and that will enable you to recover quickly.
ISO 27001 is the management framework that will help you get all that plus you can get external verification that the system works so your customers will trust you.