ISO27001 – the first step towards developing an efficient cyber security strategy


Ely, England, 17 May 2011 – IT Governance (ITG), the information security experts, are concentrating efforts to help clients protect their confidential information and critical business operations. With its comprehensive range of resources – from books and toolkits through to training and consultancy – IT Governance is at the forefront of the fight against cyber attacks.

Alan Calder, IT Governance CEO, says: “In today’s information economy, the protection of information assets (information security) is a key element in the long-term competitiveness and survival of all organisations. With the Internet becoming a ubiquitous communication and application platform, the greatest risk to your organisation is likely to come from risk of cyber crime. At IT Governance we offer best practice solutions to help clients develop an efficient cyber security strategy for their business.”

“With increasing cyber criminal activity and growing compliance requirements, effective data security is a ‘must have’ for any organisation that wants to compete in the 21st century,” continues Calder. “Implementing ISO27001, the Information Security Management System (ISMS), is an important first step in developing an efficient cyber security strategy.”

IT professionals concerned with the design and implementation of an Information Security Management System (ISMS) face the challenge of tackling issues such as viruses, hackers, online fraud, privacy regulations, computer misuse and investigatory powers. There are few resources on the market that are actually developed to provide both technical and non-technical managers with clear guidance as to how to design, implement and deliver an ISMS that complies with ISO 27001.

Calder says: "At IT Governance we are committed to helping organisations protect their assets by providing them with the necessary resources. On the other hand, it is the responsibility of individual companies to protect their own assets and sensitive information against the disparate range of potential threats to their day-to-day business. Reading the IT Governance: A Manager's Guide to Data Security and ISO 27001 / ISO 27002 is a logical first step for anyone who considers information security a priority and needs a practical introduction to the ISO27001 standard."

Calder continues: "As information security becomes an increasingly important issue on the Board agenda, there is a recognised need for appropriate training. And this is where IT Governance can help again. The ISO27001 Foundation Course provides delegates with a comprehensive and thorough introduction to this essential cyber security standard."

Effective cyber security depends on co-ordinated, integrated preparations for rebuffing, responding to and recovering from a range of possible cyber attacks. In an Internet environment where a substantial number of initial attacks are automated, and any assault on critical national infrastructure (CNI) is likely to be widespread, all organisations need to take steps to prepare themselves.

For organisations serious about information security, carrying out a penetration test is a must. The IT Governance penetration testing service examines and tests the technical security measures an organisation has in place to protect its networks and applications.

Effective penetration testing, often known as ‘pen testing’, involves the simulation of a malicious IT attack, using a carefully-planned combination of methods and tools to mimic the range of possible attacks – but, instead of completing the attack, ITG pentesters will document the vulnerability and recommend steps to reduce the risk. The consequent findings form the basis of a remediation programme.
