Organisations encouraged to comply with ISO 27001 at NASSCOM-DSCI's Information Security Summit

IT Governance Asia, the one-stop shop for ISO 27001 information, books, toolkits and pocket guides, has confirmed its participation at the Annual Information Security Summit in India this December.

The Summit, organised by The National Association of Software and Services Companies (NASSCOM) and Data Security Council of India (DSCI), takes place in New Delhi on 6-7 December. It will address the current security challenges against the backdrop of recent high-profile attacks, which affected organisations including the Pentagon, the IMF, Epsilon, Citigroup, and the websites of the CIA and CBI. Needless to say, these targeted attacks have brought into focus the need for tighter and more effective security systems for organisations globally.

ITG Asia recognises cyberattacks as the most pervasive high-priority risk facing companies across the globe. And the stakes of cybercrime are high. The potential impact of cyber risks to any individual business includes:

• Financial loss from theft or fraud;
• Loss of invaluable customer information or Intellectual Property;
• Possible fines from legal and regulatory bodies (e.g. FS, Information Commissioner) or expensive court actions resulting from breach of data protection or confidentiality regulations;
• Loss of reputation through 'word of mouth' and adverse press coverage; and
• Organisational survival itself.

In today's information economy, the protection of information assets (information security) is a key element in the long-term competitiveness and survival of commercial organisations. In an environment where the survival of individual organisations is at least partially dependent on the security of the critical national infrastructure, all organisations must contribute to improved cybersecurity. With the Internet becoming a ubiquitous communication and application platform, the greatest risk to the business is not cyberwar, but cybercrime.

Needless to say, the assessment and prevention of cyber risks associated with information assets are crucial to the success of a business. Effective cybersecurity depends on co-ordinated, integrated preparations for rebuffing, responding to and recovering from a range of possible attacks. There is no single, stand-alone solution for cybercrime or for APTs (Advanced Persistent Threats); the very nature of an APT is that it is designed to evade standard security controls.

ISO 27001 - THE Cybersecurity Standard

Cybersecurity standards are an important element in building a strong, resilient information and communications infrastructure. ISO/IEC 27001 is the most significant international best practice standard available to any organisation that wants an intelligently organised and structured framework for tackling its cyber risks. ISO 27001, as a specification for an information security management system (ISMS), is clear and precise; it also lists 133 key security controls that should always be at the heart of any organisation's approach to securing its information assets.

ISO/IEC 27001, together with the international code of practice, ISO/IEC 27002, provides a globally recognised best-practice framework for addressing the entire range of risks which, taken together, may be described as cyber risks.

ISO 27001 and ISO 27002 are also common reference points for almost all laws and regulations that touch on information security. As almost every data breach is also likely to bring a legal exposure, there is real sense in basing an ISMS on an international standard that provides a recognised framework for information security controls.

Alan Calder, CEO of IT Governance, says, "Increasingly, organisations are seeing ISO 27001 certification as a minimum standard for information security management in their suppliers. With increasing cybercriminal activity and growing compliance requirements, effective data security is a 'must have' for any organisation that wants to compete in the 21st century".

ITG Asia recognises the importance of complying with ISO 27001 and therefore takes the opportunity to raise awareness of this standard and effective information security management at this year's Summit. More information on the Standard and essential resources can be found on the following page:

Organisations are encouraged to download ISO 27001 (ISO/IEC 27001) ISMS Requirements by following the link below:

- Ends -

Dominika Jankowska
Internet Marketing Executive
+1 877 317 3454


IT Governance Asia is the one-stop shop for books, pocket guides and tools for governance, risk management and compliance. It is a leading authority on data security and IT governance for business and the public sector. IT Governance Asia is 'non-geek', approaching IT issues from a non-technology background and talking to management in its own language. Its customer base spans Europe, the Americas, the Middle East and Asia. More information is available at