3 Common ISO 27001 Implementation Challenges - and How to Overcome Them

Welcome to this week’s edition of Security Spotlight, where we shine a light on:

  • 3 common ISO 27001 implementation challenges – and how to overcome them
  • How to conduct an ISO 27001 internal audit
  • The GDPR Benchmark Report: four years of gap analysis results
  • Fidelity says data breach exposed personal data of 77,000 customers
  • The Internet Archive is still down but will return in ‘days, not weeks’
  • How to improve your skills in conducting an information security risk assessment with our workshop


3 Common ISO 27001 Implementation Challenges - and How to Overcome Them

What common implementation challenges do our ISO 27001 consultants come across? And how can organizations address them?

We put those questions to Damian Garcia, the head of GRC (governance, risk, and compliance) consultancy at IT Governance.

Damian has worked in IT for more than 30 years, providing clients around the world, across a range of industries, with pragmatic advice and support on information security and risk management.

In this interview

  1. Don’t assume you won’t suffer a security incident
  2. Enforce policies – don’t just write them
  3. Avoid the outsourcing trap: The risk remains yours

Read more


How to Conduct an ISO 27001 Internal Audit

A key part of any ISO 27001-compliant ISMS (information security management system) is that it undergoes internal audits at “planned intervals” (Clause 9.2.1).

This tells the organization whether its ISMS conforms to both:

  • The ISO 27001 requirements
  • Any further self-imposed requirements

In short, internal audits are a vital tool for checking that you’re operating and maintaining your ISMS effectively.

Read more


Free Report: GDPR Benchmark Report 2024

The GDPR Benchmark Report covers four years of gap analysis results, taken from organizations across a wide range of industries and sizes.

Download the report to discover:

  • Our best practice method for assessing GDPR compliance
  • How organizations across a wide range of industries and sizes fared when our experts scrutinized their GDPR compliance
  • Compliance levels in individual sector and size breakdowns
  • Our top tips for overcoming your own compliance challenges

Download now


Fidelity says data breach exposed personal data of 77,000 customers

Fidelity Investments, one of the world’s largest asset managers, has confirmed that over 77,000 customers had personal information compromised during an August data breach, including Social Security numbers and driver’s licenses. Continue reading


The Internet Archive is still down, but will return in 'days, not weeks'

The Internet Archive will come back within “days” following a cyberattack that brought down the organization’s vast digital library and the Wayback Machine, according to an update from founder Brewster Kahle. It has been struggling due to a data breach and DDoS attack earlier this week that revealed the email addresses, screen names, password change timestamps, and other information associated with more than 31 million unique email addresses. Continue reading


Information Security Risk Assessment Workshop

Take this hands-on, two-hour workshop to improve your skills in conducting an information security risk assessment – a critical process aligned with ISO 27001 principles for maintaining compliance and cybersecurity in your organization.

Sign up now
