The strategy for “An Open, Safe and Secure Cyberspace” proposed by the European Commission (EC) in conjunction with the Representative of the Union for Foreign Affairs and Security Policy, announced on the 7th February 2013 how the European Union (EU) plan to prevent and respond to cyber disruptions and attacks. The strategy details five key cybersecurity priorities:
- Achieving cyber resilience
- Drastically reducing cybercrime
- Developing cyber defence policy and capabilities related to the Common Security and Defence Policy (CSDP)
- Developing the industrial and technological resources for cyber-security
- Establishing a coherent international cyberspace policy for the European Union and promoting core EU values
Far from being a lofty aspiration the EC has also proposed a directive on network and information security (NIS) which will require actions from Member States and industry alike. The directive is a key part in the EU’s cybersecurity strategy which aims to guarantee a secure and trustworthy environment throughout the EU. Among other measures specified in the proposed directive is the reporting of major security incidents on the core services of key infrastructure sectors and information processors requiring them to adopt risk management practices and report major security incidents on their core services. Business sectors specifically named include:
- financial services
- transport services
- energy services
- health services
- app stores
- e-commerce platforms
- Internet payment
- cloud computing
- search engines
- social networks
According to a Deloitte TMT Global Security Study a survey of executives at the world’s largest technology, media and telecommunications (TMT) identified that 70% of those surveyed identifying a lack of security awareness among employees as a vulnerability: “innovations in technology and the people using these technologies also rank as one of the biggest threats, with 70 percent listing their employees’ lack of security awareness as an “average” or “high” vulnerability.”
ISO27001 is the International Cybersecurity Standard that should be employed by all organisations. At IT Governance we produce a range of ISO27001 toolkits which provides all the tools you need to create your own ISO27001 compliant Information Security Management System (ISMS).
This week we are promoting the benefits that buying a toolkit can bring you and your business. Toolkits give you the knowledge and information you need to cost-effectively achieve your goals, setting you aside from your competitors.
We offer free trials of all our best-selling toolkits. These toolkits contain all the documents, templates and tools to help organisations quickly and cost-effectively implement a management system or IT standard.