How can attacks be avoided?
✓ Ensure essential controls are met
✓ Find, track, and assess data
✓ Monitor event logs
What do attacks have in common?
75% were not discovered
83% were not highly difficult
87% were avoidable
How do breaches occur?
62% system error
59% hacking and intrusions
31% incorporated malicious code
22% exploited a vulnerability
15% physical threats
Who is behind data breaches?
73% resulted from external sources
18% were caused by insiders
39% implicated business partners
ISO 27001 Certification
Processes are the core focus of every company, and today they depend more than ever on functioning information technology. Recent years have shown that neither multiple firewalls nor the best virus scanners achieve the level of IT security required today. Rather, it is the procedures around these systems that ensure sustained security. Unfortunately, even today companies invest in hardware and software without defining how it is to be operated or which procedures apply. ISO 27001 or the IT Baseline Protection Handbook for security in information technology helps companies. The ISO 27001 standard replaces the internationally recognised British Standard (BS) 7799-2 and sets out how a company should secure the confidential handling of information. The standard requires that the protection of information be a high priority for each individual employee. The company must also prove that it implements this in its internal processes and IT systems. This level may be tested by external auditors and made visible to partners and customers. Such certification not only meets the requirements of Basel II, it also makes the conscientious handling of IT security visible to all.