ISO 27001, safety and security, independent of circumstances

Protecting an organisation’s information from data fraud is an increasingly complex process, often involving a multitude of systems and specialists to implement correctly. However, failure can be imminent if the entire system is not effectively governed within the organisation’s structure.

Cyber-attacks, theft of intellectual property or sabotage are just some of the information security risks organisations are subject to, with huge consequences.

Information is one of the essential building blocks of an organisation, regardless of industry. A series of security rules, adopted over the long term, support organisations so that the information that helps them to carry out their processes is protected.

We recommend rigorous management of information systems by taking proactive measures to minimise the impact of potential cyber fraud.

In this period, against the backdrop of the COVID-19 pandemic, we note the emergence of a home-grown type of cyber-fraud: the “message from the top” fraud. It consists of emails or phone calls that appear to come from the organisation’s management but behind which cyber criminals hide, with the aim of obtaining large bank transfers or information capable of causing damage to the organisation.

From this perspective, it is our conviction that an information security management system based on solid foundations is necessary to face current risks.

In support of rigorous information security in organisations, Systema recommends the implementation of ISO 27001:2013.

This standard sets out the specifications of an information security management system and offers the following benefits:

  • a framework for managing the security of the organisation’s information assets
  • credibility, integrity and trust offered to contractual partners
  • a disaster recovery plan appropriate to the organisation
  • increased productivity through minimised operational risks
  • international recognition
  • differentiation from competitors when participating in public tenders

“Safety is not a device, but a state of mind.”

Eleanor Everet

More guidance and details on ISO 27001:2013 here.