Informationssicherheits

New ISO/IEC 27001 revision 2022

Cloud security, business continuity management and threat monitoring as focus points of the revised ISO/IEC 27001


The ISO/IEC 27001 standard for information security management has been revised after five years. It provides protection against threats from the Internet.

This is achieved by introducing suitable measures (“controls”) for the organization following a risk analysis.

A total of almost 100 such measures are planned, which must be continuously maintained in the sense of ongoing quality management (Kaizen, PDCA).

The introduction of ISO/IEC 27001, like cybersecurity in general, must be supported and borne by the management. The result is an information security management system that represents the best possible protection against cyber risks.

ISO/IEC 27001 provides for the possibility of auditing for an organization or an organizational unit.

From basic maturity-oriented protection to risk-based security management

The advantages of risk-based cybersecurity based on ISO/IEC 27005


Although IT-Grundschutz catalogues allow a quick entry into cybersecurity, they neither offer effective protection of one’s own assets nor are they sustainably scalable.

Such checklists can be simply ticked off and completed – just like annoying compliance restrictions. However, your organization is “not a bit” safer – and still a lot of money has to be spent on it.

Why a risk-based approach is the much better choice.

The loss of the perimeter

The loss of the perimeter is more than a cybersecurity trend.


The loss of the perimeter is not restricted to cybersecurity; it impacts the organization as a whole. To cope with this trend, agile concepts are necessary and helpful, also for cybersecurity. Business agility and cybersecurity have to proceed jointly to increase organizational resilience and regain autonomy in the cloud.