Last Updated on April 9, 2012
These ISO 27001 links are part of a weekly series, Ethical Hacker Roundup, featuring the information security and cyber security related articles that we’ve read over and thought worth sharing from the past week.
These articles have were emailed to us, shared on Twitter @pivotpointsec, Google Plus and read in RSS subscriptions this week.
I came across the article, ISO 27001 Helping Businesses Be Their Own Cyber Police, and though how the headline really explains a big part of the 27001 certification process.
An often overlooked (yet very important) bonus to 27001 is the involvement by upper management.
Now, I’m not talking about the Director of so and so. I’m talking about the CIO, CEO, etc.
In addition to that, 27001 certified businesses are consistently following their documented policies, procedures and standards. They are also undergoing internal audits for compliance with the certification.
Combine these things and more; make a business their own cyber security police. Remember, ISO 27001 certification doesn’t mean a business is 100% secure – it means they are taking every precaution and putting necessary controls in place to reduce the information securtriy risk to an acceptable level.
A while back John gave a fantastic webinar for businesses to see if ISO 27001 certification is right for them. I recommend checking it out.
A question was asked in the ISO 27001 group on LinkedIn.
Can anyone tell me the correct difference between “Event and Incident” with examples. As we are implementing ISO 27001, I need more clarification on that with some examples
After reading the question, I asked John Verry (ISO-27001 Certification Lead Auditor) for his explanation of events and incidents. This is what he had to say:
According to the ISO 27001 standard an information security event is an identified occurrence of a system, service or network state indicating a possible breach of information security policy or failure of safeguards, or a previously unknown situation that may be security relevant where an information security incident is a single or a series of unwanted or unexpected information security events that have a significant probability of compromising business operations and threatening information security.
Stated another way – an incident is an event or a series of events that have risen to a level requiring action to prevent them from negatively impacting the organization.
During a 27001 certification of surveillance audit the auditor will look to ensure that security incidents have been identified and appropriate corrective actions were put in place to demonstrate continuous improvement.
ISO 27001 Consulting
It is the ability to certify the operation of an ISMS that makes 27001 unique and makes it ideal to be used as a form of independent attestation to the design and operation of an Information Security program. Pivot Point Security can help your business achieve 27001 certification. See how we can help.