If you read the news on a regular basis, you will find that most of the cyber security or data protection articles play heavily on the fear of an individual’s privacy being compromised.
But what many people don’t seem to realise is that privacy is in fact a dependency of information or cyber security. Only by having in place adequate information or cyber security policies and procedures can an organisation ensure the privacy of their stakeholders, including customers, staff, suppliers, etc.
Whilst there are some unique challenges faced in the area of privacy relating to governmental legislation such as the UK Data Protection Act, organisations can start to effectively address many of the privacy concerns that their stakeholders have by adopting an approach such as implementing an ISMS that complies with ISO/IEC 27001.
By combining the right mix of people, process and technology in an ISMS, organisations can effectively manage many of the privacy risks that people are concerned about.
Find out more about ISO/IEC 27001 in An Introduction to ISO/IEC 27001 2013.