How to embed security awareness in business processes

All businesses have processes for their operations. These can be production, sales, support, IT, procurement, auditing, and so on. All businesses also need risk management. Traditional risk management has focused on financial risks, as well as HSE risks. These governance activities are also legal requirements in most countries. Recently cybersecurity has also caught mainstream attention, … Continue reading How to embed security awareness in business processes

How to build up your information security management system in accordance with ISO 27001

Maintaining security is an ongoing process which requires coordinated effort by the whole organization. Without backing from the top management levels and buy-in through the ranks there is little chance of building up resilience against cyber attacks. As organization complexity increases and value creation becomes distributed it will be necessary to have an integrated approach … Continue reading How to build up your information security management system in accordance with ISO 27001