It’s 10am, your server has been hacked by a notorious cyber-criminal gang and your customer’s payment information is being sold in the dark corners of the internet. The story has already taken over social media and awaits your first steps.
What do you do?
Or should the question be, what didn’t you do?
The stats are out there
The 2013 Information Security Breaches Survey has shown that 87% of small businesses across all sectors experienced a breach in the previous year. This statistic alone should be enough to encourage you to step up your organisations security, so why aren’t you?
The recent hacking of the Snapchat app is a perfect example of the message I’m trying to get across. A security firm got in touch with Snapchat telling them about a serious design flaw in their app which will allow hackers to download information about users of the app. Snapchat ensured that such a hack wouldn’t be possible and that there’s nothing to worry about.
What happened next? 4.6 million account details are stolen from Snapchat servers.
There are no details about how many users Snapchat have lost, but we can safely assume that a large percentage of them will no longer be using this app. Facebook recently offered the Snapchat owner $3 billion for the app, which was turned down. Snapchat has no form of income, and with this massive breach being the front page of the news – how much would that offer be now?
How can I protect my organisation?
I’m glad you asked. Following the example of savvy organisations such as Workforce Metrics and Pervasive Health, it makes sense to turn to ISO 27001 for help. –ISO 27001 is the international standard describing best practice for an Information Security Management System, often shortened to ‘ISMS’
By implementing ISO 27001 into your organisation, you’ll be able to better protect your information as well as significantly improve the effectiveness of your critical information security procedures.
Want to learn more about ISO 27001?
If you’re serious about learning more about ISO 27001, then you should book on IT Governance’s event on 30th January in Central Bedfordshire – Leveraging ISO 27001 2013 to address Information Security and Cyber Security issues.
The event will be attended by ISO27001 experts Alan Calder and Steve Watkins, providing a fantastic opportunity to speak to them without needing to pay for anything other than the ticket (£35 plus VAT).