Since 2012 there have been a number of data breaches across Europe which have affected millions of people. In May 2013 several Dutch government websites suffered DDoS attacks, leaving 10 million citizens unable to pay their taxes and bills online, and in December last year a Belgian railway company suffered an internal error which inadvertently published 1.46 million sets of customer data online.
So whether it’s an internal or external threat to your organisation that you’re worried about, it’s advised that you put information security practices in place to reduce the threat of a data breach.
ISO/IEC 27001:2013 is an internationally recognised standard that sets out a best-practice specification for an Information Security Management System (ISMS), against which your organisation can be audited and certified. Even if you’re not looking to gain certification, the best practices in the standard can be implemented just for your own peace of mind.
To gain a good insight into information security and ISO 27001:2013, I suggest you take a look at ISO 27001 expert Alan Calder’s pocket guide – An Introduction to Information Security and ISO 27001(2013), Second Edition.
I also recommend that you download our free Information Security and ISO27001 Green Paper.