Survey finds increased information security fears assuaged by ISO 27001

A survey conducted by Opinion Matters for BSI has found that although consumers’ vulnerability to cyber attacks is increasing in line with the amount of time and money they spend online, they are still overly reliant on companies for protection. Nearly half of consumers surveyed reported having suffered a cyber attack and a third stated that they did not trust organisations with their data, yet only 4% have stopped using online services in order to protect their data.

It seems that consumers’ lack of confidence in organisations’ security is more than matched by organisations’ own fears: a new Vanson Bourne survey of “200 IT decision makers in UK businesses” (also commissioned by BSI) has found that 56% of UK businesses are more concerned about cyber security than they were a year ago, and 70% of them attribute this to the increased abilities of hackers.

Organisations remain unconfident about information security

Although 98% of organisations have taken measures to minimise information security risks, only 12% of respondents are “extremely confident” in the information security measures that their organisations have put in place to defend against attacks.

  • 91% of IT directors admit their organisation has been the victim of a cyber attack.
  • 49% have experienced an attempted hack.
  • 49% have suffered from malware.
  • 42% have experienced the installation of unauthorised software by trusted insiders.
  • 30% have suffered a loss of confidential information.

When pressed about their information security measures, respondents revealed that:

  • 60% of organisations have not provided staff with information security training.
  • 37% have not installed antivirus software.

These are simple – and, one might think, obvious – measures, and yet they are often overlooked.

ISO 27001

Globally recognised standards such as the international standard for best-practice information security management, ISO 27001, sharpen organisations’ focus, bringing awareness of cyber risks as well as providing guidance on their mitigation so that such measures are not overlooked.

The same BSI/Vanson Bourne survey found that 56% of organisations that have implemented an ISO 27001-compliant information security management system (ISMS) are conscious of potential cyber attacks, compared to only 12% of organisations that have not implemented an ISMS.

Furthermore, 52% of organisations that have implemented ISO 27001 are “extremely confident about their level of resilience against the latest methods of cyber hacking”.

ISO 27001 implementation solutions

If you want to see how ISO 27001 can help protect your organisation from cyber attacks, IT Governance has created four fixed-price implementation solutions to suit all organisations, whatever their size, sector, location, budget or preferred project approach. Order any of these services before the end of 2014 and get 10% off.

  • Do It Yourself
  • Get A Little Help
  • Get A Lot Of Help
  • We’ll Do It For You