, the fast-growing cyber security services provider, is warning organisations that technology alone won't protect them from data breaches. They need to implement a cyber security strategy that ensures technology is supported by tested processes and people with the right skills and qualifications.
The company advises that senior decision-makers including CIOs, CISOs and IT Directors turn to best practice frameworks such as ISO27001
, and PAS 555
to ensure their company’s information assets are protected and that the strategy is implemented from the top down.
Alan Calder, Founder and Executive Chairman of IT Governance, says, “Recent data breaches including Target and Barclays, where customer data was stolen, suggest companies are not following cyber security best practice. Surely large organisations like these two would have software in place to protect their data. However, it is likely that there were other fundamental gaps in their management systems that have led to those breaches.”
With the proliferation of cyber attacks, it is more important than ever to develop and maintain an up-to-date information security management system (ISMS). Implementation of an ISMS based on ISO27001
, the international information security management standard, is a fundamental part of an effective cyber security strategy. It enables you to address people, processes and technology holistically whilst allowing you to protect your information assets effectively, both online and off line.
Calder is the author of the book “The Case for ISO27001” which demonstrates the business case for implementing an information security system based on ISO27001. The book can be ordered online at www.itgovernance.co.uk/shop/p-1158-the-case-for-iso-27001-2013-second-edition.aspx