The activities of the cyber criminal are both deliberate and hostile, and they can be compared to military operations. Many people in business understand that the insights from the classics of military strategy are as relevant to modern commerce as they are to war.
It is clear that organisations need to develop a view of cybersecurity that goes beyond technology: all staff in the organisation have a role to play, and it is the senior managers who must ensure, like generals marshalling their forces, that all staff know the cyber security policies that explain what to do when under attack.
With this in mind, the authors have drawn on the work of Clausewitz and Sun Tzu, and applied it to the understanding of information security that they have built up through their extensive experience in the field. The result is expert guidance on information security, underpinned by a profound understanding of human conflict.
Building on the success of the first edition, this new edition covers the most recent developments in the threat landscape and the best-practice advice available in the latest version of ISO 27001:2013.
Dr Andrew Vladimirov is a security researcher. His fields of expertise include network security and applied cryptography, and he has extensive experience of performing information security assessments. He and his fellow authors are the founders of Arhont Ltd, a leading information security consultancy.
Konstantin Gavrilenko has over 15 years of experience in IT and security. As a researcher, information security is his speciality, and he has a particular interest in wireless security. He holds a BSc in management science from De Montfort University and an MSc in management from Lancaster University.
Andriej Michajlowski is an expert on network security. His research interests include user and device authentication mechanisms, and wireless networking security. He has extensive experience carrying out internal and external information security assessments. He is a graduate of the University of Kent at Canterbury and he holds an MBA.
Many titles explain how to reduce the risk of information security breaches. Nevertheless, breaches do occur, even to organisations that have taken all reasonable precautions.
Information Security Breaches - Avoidance and treatment based on ISO 27001:2013 helps you to manage this threat by detailing what to do as soon as you discover a breach.
When your organisation’s security is compromised, you cannot afford to waste time deciding how to resolve the issue. You must be ready to take prompt and decisive action. Updated to cover ISO 27001:2013, this second edition gives you clear guidance on how to treat an information security breach and tells you the plans and procedures you have to put in place to minimise damage and return to business as usual.
Michael Krausz is an IT expert and experienced professional investigator. He has investigated over a hundred cases of information security breaches.
Many of these cases have concerned forms of white-collar crime. Michael Krausz studied physics, computer science and law at the University of Technology in Vienna, and at Vienna and Webster universities. He has delivered over 5000 hours of professional and academic training and has provided services in eleven countries to date.
Develop your understanding of ISO 22301, the business continuity standard with this combination course.
You will gain the skills to successfully lead the implementation of a business continuity management system (BCMS) in your organisation, as well as exploring the key concepts and benefits of ISO 22301.
This one-day introductory course explores the key concepts and benefits of ISO 22301. It provides a comprehensive introduction to the ISO/IEC 22301:2019 standard and the requirements of a BCMS.
This three-day advanced course covers everything you need to plan and implement an ISO 22301 compliance project. Gain the knowledge and skills required to implement an ISO 22301-compliant BCMS.
Participate in group discussions, practical exercises and case studies throughout the course.
Achieve two internationally recognised business continuity qualifications in eight days.
Introduces you to the benefits of ISO 22301 best practice and compliance, and takes you through the nine steps to ISO 22301 success.
Delivered by experienced ISO 22301 practitioners, this combination course is designed to meet the international standards on auditing techniques.
Learn how to tackle a BCMS project from start to finish to help your organisation achieve compliance.
Gain the knowledge and skills required to lead an efficient and cost-effective implementation project.
This combination course is ideal for anyone involved in, or responsible for, implementing or maintaining a BCMS, including:
The exam is an online exam. You will need to bring a ‘pop-up enabled’ laptop/tablet to the venue. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.
No prior knowledge or qualifications are required and the course content is suitable for non-technical and technical staff.
We strongly recommend you purchase and read the standard prior to attending the course:
We also recommend that you purchase and read the following textbooks:
Attendees take the Certified ISO 22301 BCMS Foundation (CBC F) exam at the end of day one:
Attendees take the Certified ISO 22301 BCMS Lead Implementer (CBC LI) exam at the end of the course:
Both the ISO 27001 Lead Implementer and Lead Auditor exams are set by IBITGQ (International Board for IT Governance Qualifications). There is no extra charge for these exams.
This course is equivalent to: 28 CPD points
Certified ISO 22301 BCMS Foundation (CBC F) and Certified ISO 22301 BCMS Lead Implementer (CBC LI) qualifications.
All courses hold accreditations from IBITGQ (International Board for IT Governance Qualifications), a renowned authority in personnel certification within the field of IT governance.
As a premier personnel certification body, IBITGQ specialises in certifying individuals who demonstrate exceptional proficiency in IT governance practices.
IBITGQ maintains accreditation to the ISO/IEC 17024:2012 standard, a globally recognised benchmark for conformity assessment. Accreditation by the International Accreditation Service (IAS) further underscores the course's commitment to meeting stringent certification requirements.
ISO 17024 certification is esteemed within the industry and universally acknowledged by employers worldwide. By aligning with this standard, our course ensures that your qualifications are not only recognised but also highly valued by employers across diverse sectors.
Upon successful completion of the course, you have the opportunity to validate your professional expertise by registering your qualification on the esteemed IBITGQ/GASQ successful candidate register. This platform serves as a testament to your commitment to excellence in IT governance, setting you apart as a distinguished professional in the field.
Exams can be resat without retaking the entire course but delegates will need to pay the exam fee again.
We want you to learn, qualify and progress, and we are committed to providing learning options for all scenarios: deadline-driven, career-orientated, company-wide or interest-led.
Structured learning, with clear direction and guidance from expert practitioners:
Learn and absorb material in a way that works for you:
The most effective learning method for professionals:
Learning as a team and building a culture of awareness:
As global threats to information security increase in frequency and severity, and organisations of all sizes, types and sectors face increased exposure to fast-evolving cyber threats, there has never been a greater need to implement a robust information security management system (ISMS) that complies with the international standard, ISO 27001.
IT Governance: An International Guide to Data Security and ISO27001/ISO27002 provides best-practice guidance from ISO 27001 experts, Alan Calder and Steve Watkins, to help you successfully implement an ISO 27001-compliant ISMS.
Now in its seventh edition, this bestselling guide is ideal for information security professionals and organisations that are looking to enhance their ISMS and protect against information security threats.
IT Governance: An International Guide to Data Security and ISO27001/ISO27002 is the definitive compliance guide, covering all aspects of data protection and information security, including viruses, criminal hackers, online fraud, privacy regulations, computer misuse and investigatory powers.
IT Governance: An International Guide to Data Security and ISO27001/ISO27002 is the recommended textbook for the Open University’s postgraduate information security course and the recommended text for all IBITGQ ISO 27001 courses.
Alan Calder knows ISO 27001 inside out. He led the implementation of the first management system to achieve accredited certification to BS 7799 – the forerunner to ISO 27001 – and has been working with the Standard and its successors ever since. He is the founder and executive chairman of IT Governance.
Steve Watkins is an executive director at IT Governance and holds high-profile roles in the world of cyber security standards and certification, including Chair of the UK ISO 27001 User Group and Chair of the ISO/IEC JTC 1/SC 27, the international technical committee responsible for the ISO 27k family of standards. He is also involved with UK standard technical committees.