ISO releases a new version of ISO/IEC 27001
ISO released a 2022 update to its information security management system, ISO 27002. As information security becomes a more prevalent concern, ISO's new standard aims to give additional security oversight tools to companies seeking a better picture of existing risks and needed security actions. The main revisions appear in information security controls that reflect any …
cybersecurity
Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations
This new NIST publication provides guidance to organizations on identifying, assessing, and mitigating cybersecurity risks throughout the supply chain at all levels of their organizations. The publication integrates cybersecurity supply chain risk management (C-SCRM) into risk management activities by applying a multilevel, C-SCRM-specific approach, including guidance on the …
Changes in the New ISO/IEC 27001 and ISO/IEC 27002
ISO/IEC 27001 is under revision, and ISO/IEC 27002:2022 – Information Security, Cybersecurity And Privacy Protection – Information Security Controls has been released. The latest revision of ISO/IEC 27002 was published in February 2022, and ISO/IEC 27001 will follow shortly thereafter. The International Organization for Standardization (ISO)/International Electrotechnical …
Fortify Your Business: Five Practices for Stellar Cybersecurity
The human element remains the weakest link in cybersecurity, as an annual report reveals that 85 percent of all data breaches are in one way or another caused by an employee. As digital technologies become essential in modern organizations, no industry is safe from cybercriminals exploiting their weak spots. “Identifying where the risks lie is a good …