Not only does the Standard require you to take certain measures in order to secure your data, it also provides a level of assurance to your clients and other stakeholders that you take information security seriously. Businesses – particularly in the chemical, manufacturing and IT sectors – have seen a significant jump in ISO 27001 certifications in the past year.
ISO 27001 in Europe
The number of ISO 27001 certificates in Europe has grown significantly over the past seven years.
According to the latest ISO Survey, there are 7,950 ISO 27001 certificates throughout Europe as of 2013, which is up 24% on the previous year. Although the UK, Italy, Romania, Spain and Germany have the largest number of ISO 27001 certificates in Europe, the biggest growth rates in 2013 were seen in Albania, Austria and Armenia, which saw jumps of 71%, 62% and 57% respectively.
Third most googled ISO standard worldwide
In a recent analysis by IT Governance, ‘ISO 27001’ was the third most googled standard worldwide. The investigation compared the number of people searching online for a particular standard with the number of certifications held.
What’s surprising is that even though ISO 27001 was the third most googled standard worldwide, it is only the fifth most adopted standard according to ISO’s 2013 survey. Excluding ISO 27001, global certification numbers followed the same order as Google’s monthly search rankings, and showed a direct correlation between the number of searches and certifications held.
This indicates a growing interest in ISO 27001 and suggests that many companies are still at the research stage of their implementations. This is a trend that matches security experts’ expectation that the number of ISO 27001 certificates will increase dramatically over the coming years.
Why are people choosing ISO 27001?
ISO 27001 has long been regarded as the leading framework for implementing an information security management system (ISMS) that enables organisations to obtain independent certification to prove their cyber security credentials. It is the only auditable international standard for information security management systems, and has been developed to harmonise with other standards to reduce the complexity of audits.
With recent high-profile data breaches at Home Depot, Target and JPMorgan Chase, and pressure from stakeholders and local legislation, many organisations are seeing the benefits of implementing the Standard.
According to ENISA’s Security Certification Practices Report, ISO 27001 is one of the three most requested standards by companies in Europe (the others are ISO 9001 and ISO 20000), and ISO 27001 has been called a ‘company’s main strategic business asset’.
Implementing an ISO 27001-certified ISMS is also recognised as supporting your adherence to European data protection legislation. The Standard offers an easy-to-implement, holistic approach to information security that not only covers your technology infrastructure, but also encompasses the people and processes that form your organisation. Its guidance for conducting risk assessments and applying risk treatments even helps you to handle emerging threats.
Join the ISO 27001 movement and secure your data
For more information on ISO 27001, download our free green paper, Information Security and ISO 27001: An Introduction.