Data breaches are a massive problem for all organisations. In its latest Data Breach Level Index, digital security company Gemalto found that, in 2017, more than 2.6 billion records were compromised in publicly disclosed data breaches. This is the equivalent of more than 7 million records per day, or 82 records per second.
Despite this, there’s a lot of hope for the future. The increased media attention on cyber security has led many, including Kaspersky Lab’s managing director for the Middle East, Turkey and Africa, Amir Kanaan, to claim that organisations will now put a greater emphasis on preventing attacks.
Kanaan highlighted the recent Facebook scandal, which he said “has resulted in heightened awareness, and I do hope businesses […] take this opportunity to rethink their attitude and approach towards data security.
“Seeing the response to the issue by a number of national governments, there will be a move towards more stringent operational guidelines and regulatory frameworks for international companies that primarily deal with data.”
The most effective way for organisations to improve their cyber security posture is to implement an ISMS (information security management system).
The international standard ISO 27001 describes best practices for an ISMS. Certifying to the Standard can be hard work, and will involve your whole organisation, but it will have significant long-term benefits.
The implementation project can take anywhere from three months to a year and, however you proceed, you need to factor in your organisation’s size, the threats it may face and the measures it already has in place.
ISO 27001 training
IT Governance offers several training courses to help you understand ISO 27001 and implement its requirements. Those with little experience of the Standard should consider beginning with our ISO27001 Certified ISMS Foundation Training Course, which explains the essentials of the Standard in one day.
Our more advanced courses teach you how to fill specific roles related to the Standard. These include our ISO27001 Certified ISMS Lead Auditor Training Course and our ISO27001 Certified ISMS Lead Implementer course.