ISO 27001 Archive
For many years, the SEC (Securities and Exchange Commission) has been lenient on cyber threats. But that’s changing. Last fall, the Commission issued a report discussing its investigation of nine publicly held companies that were hit with cyber fraud. It …
Many organizations have to comply with a mixture of state, industry-specific, and international cybersecurity regulations. The challenge for an organization trading nationally, or even globally, is considerable. According to Tenable’s Trends in Security Framework Adoption Survey, 84% of organizations in …
It is a widely held belief that every organization’s website needs a corresponding privacy policy. However, this is not the case. Whether you need an online privacy policy depends on what your organization does, where it does it, and your contractual obligations. According …
On December 18, an internal memo sent by Bob Gibbs, assistant administrator for NASA’s Office of Human Capital Management, warned employees of a potential hack. It revealed that, in late October, NASA cybersecurity personnel began investigating the possible compromise of …
ISO 27001 is heavily focused on risk-based planning. This is to ensure that identified information risks are appropriately managed according to threats and the nature of these threats. Under ISO 27001:2013, an organization must choose the relevant risk assessment methodology. Although not …
This year, IT Governance launched its ISO27001 Certified ISMS Foundation (Distance Learning) training course. This modular recording of our popular one-day classroom course is the ideal starting point for all prospective ISO 27001 project managers and auditors, or anyone who …
There is still time to comply with NYDFS Cybersecurity Regulation (23 NYCRR 500) if your organization has not done so. March 1, 2019 marks the end of the two-year transitional period for the Regulation. Final requirements Compliance with all sections of 500.11 (Third Party …
The office of Brian Kemp, Georgia Secretary of State, has launched an investigation into the Georgia Democratic Party. It believes the Democrats were connected to an attempted hack of Georgia’s voter registration system. The Democrats deny the charge. Cybersecurity in elections Whether or not the allegation is true, cybersecurity is a …
In the middle of a market suffering lower-than-expected earnings reports, two tech companies stand out for their approaches to privacy. Google, which recently shuttered its social media service Google Plus following a major data breach, is now under scrutiny from …
ISO 27001 is the international standard that describes best practice for an ISMS (information security management system) – a set of policies, procedures, processes and systems that manage information risks. Achieving accredited certification to ISO 27001 demonstrates that your organization is …
