A recent Ponemon Institute survey of 583 American companies on security issues reported that 90% of companies had been hacked in the last year. That is quite a staggering statistic.
Additionally, the survey found:
- 59% of companies were successfully hacked on multiple occasions
- Cyber attacks had cost 41% of companies at least $500,000
- Cyber attacks had cost 19% of companies over $1,000,000
- 78% of companies stated that the frequency of attacks was on the increase
The continual media stories, usually focused on high-profile brands and politically motivated attacks, are one thing. But this report highlights how important it is for every business to take information and cyber security seriously. Unfortunately, anyone can be a target. And can your business really afford the potentially huge financial loss that comes with a cyber attack? Not to mention brand damage, loss of client and consumer confidence, and the time to rectify an attack.
IT Governance and ISO 27001 are here to help.
ISO 27001: The Cyber Crime World Beater
ISO 27001 is the international practice specification that helps businesses and organisations throughout the world to develop a best-in-class Information Security Management System (ISMS).
At IT Governance we offer a range of tools to help you with your ISO 27001 project. The most useful is our No 3 Comprehensive ISO 27001 ISMS Toolkit.
ISO 27001 will underpin and protect IT worldwide over the next decade. It sets out specific requirements, all of which must be followed, and against which an organization's Information Security Management System (ISMS) can be audited and certified. It can also provide a cost-effective way of complying with HIPAA, GLBA, SOX, PIPEDA, PCI and State Breach Laws.
Creating an ISMS that is compliant with ISO 27001 can seem like a daunting task. However, our No 3 Toolkit provides you with all the resources you need to successfully complete your project, including:
- Over 400 pages of information
- Pre-written policies, procedures and templates – all of which are customizable to your organization
- vsRisk – the definitive risk assessment tool
- Copies of all 3 of the information security standards: ISO 27001, ISO 27002 & ISO 27005
- A model Information Security Policy and a model Statement of Applicability
- A gap analysis tool
- A Business Continuity Plan
Accredited certification to ISO 27001 gives an organisation internationally recognised and accepted proof that its system for managing information security – its ISMS or cyber security readiness – is of an acceptable, independently audited and verified standard.
If you are new to ISO 27001, this fantastic introductory guide is a great place to start.