ISO 27001 Archives - Alan Calder on IT Governance, Cyber Resilience, ISO 27001 and Brexit

Do you need a physical office in order to ISO/IEC 27001 certification?

Alan Calder May 4, 2020 ISO 27001

No. The standard was written to support organisations of all sizes, all types and in all sectors. And as it is increasingly normal for organisations to be largely or entirely home-based, accessing temporary office-space if, as and when, necessary, so …

[Continue Reading...]

My first book and Ciaran Martin’s call to action

Alan Calder September 14, 2018 Cyber Security, ISO 27001

Just before the millennium, Steve Watkins and I wrote IT Governance: A Manager’s Guide with the specific intention of arming boards and senior managers with the tools to enable them to properly govern information security in their organisations. The book …

[Continue Reading...]

ISO/IEC 27001 certifications continue growth

Alan Calder September 13, 2018 Cyber Security, ISO 27001

Recent ISO statistics show that the number of ISO 27001 certificates worldwide increased by 19% last year, to a total of almost 40,000. The UK grew at 34% and the USA at 36% – both countries that understand the need …

[Continue Reading...]

Governance and compliance – BA, Nielsen and Stena

Alan Calder September 10, 2018 BS10012, Cyber Security, ISO 27001

British Airways British Airways revealed on Wednesday that payment card records of approximately 380,000 customers had been hacked over a 15-day period from mid-August to early September. It was apparently told about the breach by a third party – in …

[Continue Reading...]

Nielsen Holdings sued for overstating its GDPR preparedness

Alan Calder September 7, 2018 BS10012, ISO 27001

You may have seen the news that Arun Bhattacharya, a shareholder in the data analytics company Nielsen Holdings plc, is suing the company, its CEO and CFO for misleading shareholders and the public about its preparedness for the GDPR (General …

[Continue Reading...]

Government Cyber Security Kite Mark vs ISO 27001

Alan Calder December 16, 2013 ISO 27001, IT Governance

Last Thursday (12th December) the British Government issued a statement on the progress against the objectives set out in the UK Cyber Security Strategy. Unsurprisingly, making cyberspace safer for UK business remains a top priority. In order to achieve that …

[Continue Reading...]

CISSP or CISM: Which – or Both?

Alan Calder May 3, 2013 Cyber Security, ISMS, ISO 27001, IT Governance, IT Security

In today’s underskilled cyber security market place, people ask whether they should acquire a CISSP or CISM qualification. Each qualification has different strengths – so, which do you think information security professionals should pursue? Where do you think CISMP fits into a …

[Continue Reading...]

Cyber skills the issue for SMBs

Alan Calder May 2, 2013 Cyber Security, Data Breaches, ISO 27001, IT Governance, IT Security

New cybersecurity surveys continue to point at the two main challenges faced by most smaller businesses in terms of defending against cyber attack: They don’t know where they are vulnerable; and They don’t have the skills to close down the …

[Continue Reading...]

The cyber security frontline: your business

Alan Calder April 29, 2013 Cyber Security, ISO 27001, IT Governance, IT Security

Eugene Kapersky – the founder of Kaspersky Lab, the world’s largest privately-held anti-malware vendor – made four important points in his cybersecurity seminar at Infosec 2013: “Every company is a victim of cyber attacks, whether they know it or not;” Even smaller …

[Continue Reading...]

Cyber security skills gap

Alan Calder April 26, 2013 Business and the Economy, Cyber Security, ISMS, ISO 27001, ISO 27002 (ISO 17999), IT Governance, IT Security

I talked, earlier this week, about the evident gap between the concern expressed (in the 2013 ISBS survey) by the majority of managers about cyber security and the fact that their organisations continue to be breached, and linked this to …

[Continue Reading...]