Sony Pixel Power calrec Sony

Security toolbox protects organizations from cyber-attacks

03/12/2015

Security toolbox protects organizations from cyber-attacks

Geneva, Switzerland, 2015-12-17 - Cyber-attacks are among the greatest risks an organization can face. Having standards and systems in place to keep information safe has therefore never been more important than in today's digital world. This is why the ISO/IEC 27000 series on security techniques for information technology has been updated to provide organizations with that added value and confidence.

In a global survey conducted by ISACA in 129 countries, only 38 % of respondents felt they were prepared for a cyber-attack - even though 83 % believed these are among the top three threats facing organizations today. With so much personal and sensitive information being handled electronically, there is a lot at stake if it were to be compromised.

Prof. Edward Humphreys, convenor of ISO/IEC Joint Technical Committee (JTC) 1 SC 27: IT security techniques, WG 1: Information security management systems (ISMS), emphasizes, To ensure security in today's digital landscape, all organizations, irrespective of size, should put in place a management framework as a starting point to manage cyber risks. ISO/IEC 27001 was designed to help organizations do just that. The Standard is the world's common language' when it comes to assessing, treating and managing information-related risks.

Below are the latest revisions and additions to the ISO/IEC 27000 series - all published in 2015 - which form part of the ISO/IEC 27001 cyber risk toolbox , to help keep these risks in check.

Protecting information in the cloud (ISO/IEC 27017)

A new code of practice for information security controls for cloud services, ISO/IEC 27017, has just been published. The cloud is one of the most widely used innovations in today's fast-paced world of commerce and business. As the service gains currency, users are demanding assurances that data stored and processed in the cloud is safe. Because of its very nature, the marketplace for cloud services is global, with providers dispersed across wide geographical areas, and data is routinely transferred across national boundaries. International guidance is therefore key.

According to Satoru Yamasaki, one of editors who worked on the Standard, ISO/IEC 27017 will help service providers come to a common understanding with their customers regarding adequate security controls and their implementation guidance. This International Standard for cloud security controls will facilitate the development and expansion of secure cloud computing systems.

The new guidelines are the result of a joint initiative by the world's main developers of International Standards - IEC, ISO, and ITU - to guarantee maximum outreach.

Integrated solutions for services (ISO/IEC 27013)

More organizations are choosing to combine an information security management system (ISO/IEC 27001) with a service management system (ISO/IEC 20000-1). An integrated system means an organization can efficiently manage the quality of its services, handle customer feedback and solve problems, while keeping information safe. ISO/IEC 27013 offers a systematic approach to facilitate the integration of an information security management system with a service management system, which results in lower implementation costs and avoids duplication efforts as only one audit, instead of two, is needed when seeking certification.

Inter-sector and inter-organizational communications (ISO/IEC 27010)

When an organization shares information with another organization, how can they be sure that their data will be kept safe? ISO/IEC 27010 is a sector-specific addition to the ISO/IEC 27000 toolbox, which guides the initiation, implementation, maintenance and improvement of information security in inter-organizational and inter-sector communications. It includes general principles on how to meet these requirements using established messaging and other technical methods. The Standard is expected to encourage the growth of global information-sharing communities.

As Dr. Mike Nash, an editor of ISO/IEC 27010, explains, ISO/IEC 27010 basically customizes and applies ISO/IEC 27001 and ISO/IEC 27002 to communication between organizations. Having the Standard in place gives an organization confidence that the information it has shared with another organization will not be inadvertently disclosed.

The Standard is particularly relevant for the protection of critical national infrastructure, where exchanging sensitive information securely is of utmost importance. It is also widely used by security incident response teams.

Detecting and preventing cyber-attacks (ISO/IEC 27039)

How can organizations detect and prevent cyber intrusions to their networks, systems and applications? Best practice shows that they have to be able to know when, if and how an intrusion into their network, system or application occurs. They should also be ready to identify what vulnerability was exploited and what controls should be implemented to prevent similar intrusions from taking place in the future. One way to do this is through an Intrusion Detection and Prevention Systems (IDPS).

ISO/IEC 27039 gives guidelines to prepare and deploy an IDPS, covering such crucial aspects as selection, deployment and operation. The Standard is particularly useful in today's market where there are many commercially available and open-source IDPS products and services based on different technologies and approaches. ISO/IEC 27039 will guide organizations throughout the process.

Audit and certification (ISO/IEC 27006)

More and more organizations are turning to third-party certification audits to demonstrate that they have in place a solid information security management system (ISMS) that conforms to the requirements of ISO/IEC 27001. ISO/IEC 27006 gives the requirements that certifi
LINK: http://www.iec.ch/newslog/2015/nr4415.htm...
See more stories from iec

More from IEC

13/03/2024

IEC welcomes KATS as first funding partner for Global Impact Fund

IEC's Global Impact Fund (IEC-GIF) took a step further in advancing the vision of a safer, more efficient world today with the signing of its first funding ...

12/03/2024

IEC appoints James Wood as Director of Communications

Geneva, Switzerland, 12 March, 2024 - The IEC today announced the appointment of strategic communications and advocacy professional James Wood as its new Direct...

05/02/2024

Transforming old batteries into new resources to improve lives in Africa

IEC's vision to create a safer, more efficient world gained further momentum recently with the launch of a new project supported by the IEC Global Impact Fu...

11/01/2024

IEC and ISO launch new joint technical committee on quantum technologies

Geneva, 11 January 2024 - The IEC and the International Organization for Standardization (ISO) today announced the establishment of a joint technical committee ...

24/10/2023

Greenwashing: industry now able to provide independent proof for environmental claims

With accusations of greenwashing increasing, industry urgently needed independen...

23/10/2023

IEC announces Edison Award winners

The IEC has presented its Thomas A. Edison Award to five individuals who have made outstanding contributions to the IEC. Created in 2010, the Award recognizes e...

28/06/2023

Transforming old batteries into new resources in Africa

IEC's vision to create a safer, more efficient world gained further momentum recently with the launch of the first project of the IEC Global Impact Fund. ...

31/05/2023

An abundance of marine energy: soon to become a reality

Geneva, Switzerland/Glasgow, UK, 31 May 2023 - Over 70% of the earth's surface is covered by oceans, which offer one of the largest untapped sources of ener...

28/10/2022

Industry leaders and technology experts in San Francisco for IEC General Meeting

San Francisco, 28th October 2022 - Business and industry leaders from around the world are joining technology experts in San Francisco for the 86th annual IEC G...

28/10/2022

Industry leaders and technology experts descend on San Francisco for annual IEC General Meeting

San Francisco, 28th October 2022 - Business and industry leaders from around the...

20/10/2022

G20: Recover together, recover stronger with international standards

Bali, Indonesia, 20th October 2022 - The leading international standards bodies - IEC, ISO and ITU - have urged world leaders to recognize, support, and adopt i...

03/11/2021

IEC, ISO and ITU ready to join proposed UN expert group to mitigate climate change

Geneva, 2 November 2021-The world's leading developers of International Stan...

28/10/2021

G20: Creating a better future with international standards

Milan, Italy, 28/10/2021 The world's leading standards bodies - IEC, ISO and ITU - have issued a joint declaration ahead of the G20 summit in Rome. They cal...

07/10/2021

2021 Lord Kelvin Award

Geneva, Switzerland, 2021-10-07 - The IEC has awarded the 2021 Lord Kelvin Award to Mr Tony Capel from Canada for his dedicated contributions and participation ...

05/10/2021

IEC recognizes four experts with its Thomas Edison Award

The IEC has presented its Thomas Edison Award to four individuals who have made outstanding contributions to the IEC. Created in 2010, the Thomas Edison Award r...

03/10/2021

IEC General Meeting officially opens in Dubai

Dubai, United Arab Emirates, 2021-10-01 - Nearly 600 participants representing 172 countries will attend the IEC General Meeting taking place in Dubai. Against ...

08/07/2021

An interchangeable charging solution for all consumer electronic devices is here

After the successful introduction of a common charging solution for mobile smartphones (based on USB technologies), in 2011, the IEC published a common charging...

27/01/2021

ISO and IEC experts win prestigious Emmy award

Geneva, Switzerland, 2021-01-26 - The joint technical committee of IEC and ISO (ISO/IEC JTC 1) has been awarded a Technology & Engineering Emmy . The US-based N...

03/12/2020

Celebrating World Standards Day 2020

The IEC, ISO and ITU announce the winners of the annual World Standards Day contest. This year, a poster contest was launched, along the theme of Protecting the...

03/12/2020

G20: call to action on international standards

Organizers of the Riyadh International Standards Summit held on 4 November 2020 have issued a call to action for the recognition, support and adoption of intern...

03/12/2020

IEC launches its first virtual General Meeting

Over 400 participants representing 84 countries are attending the first virtual IEC General Meeting. It consists of 15 sessions taking place between 9 and 20 No...

03/12/2020

IEC presents its Thomas Edison Award recipients

The IEC has presented its Thomas Edison Award to four individuals who have made outstanding contributions to the IEC. Created in 2010, the Thomas Edison Award r...

03/12/2020

IEC publishes a white paper on the future of safety

The Internet of Things, big data, advanced robotics and artificial intelligence are transforming the connection between technology and people. New and complex s...

03/12/2020

2020 Lord Kelvin Award

Geneva, Switzerland, 2020-11-13 - The IEC has awarded the 2020 Lord Kelvin Award to Mr. Toshiyuki Kajiya from Japan for his outstanding contribution to the deve...

27/10/2018

IEC awards highest honour in electrotechnology to Wim De Kesel

IEC awards highest honour in electrotechnology to Wim De Kesel 2018 Lord Kelvin Award recognizes Mr De Kesel's leadership in standardization in the areas of...

18/10/2018

IEC-IEEE-KATS Challenge awards first place prize to paper addressing standardization in a smart era

IEC-IEEE-KATS Challenge awards first place prize to paper addressing standardiza...

10/10/2018

Getting the packaging right - International Guide just updated

Getting the packaging right International Guide just updated Geneva, Switzerland, 2018-10-03 - Packaging has come a very long way since its humble beginnin...

27/07/2018

Addressing ethics in autonomous and intelligent systems: IEC launches an open community jointly with eight other founding organizations

Addressing ethics in autonomous and intelligent systems: IEC launches an open co...

26/07/2018

Newly improved guidelines for testing machine-readable passports just out

Newly improved guidelines for testing machine-readable passports just out Machine readable passports enable faster more accurate processing Geneva, Switzer...

16/07/2018

Reducing the risks of information security breaches with ISO/IEC 27005

Reducing the risks of information security breaches with ISO/IEC 27005 New legislation puts organizations under even greater pressure to ensure their informatio...

30/05/2018

Future-proofing pre-payment meters

Future-proofing pre-payment meters Key International Standard to enhance security and functionality of metering pre-payment systems Geneva, Switzerland, 20...

30/05/2018

IECRE issues first solar PV certificate

IECRE issues first solar PV certificate IEC TS 62941 certificate identifies best practices for design, manufacturing and materials Geneva, Switzerland, 201...

08/02/2018

Jo Cops elected new Treasurer of IEC

Jo Cops elected new Treasurer of IEC Transparency and improving decision-making data to be main focus Geneva, Switzerland, 2018-01-01 - Belgian Jo Cops too...

29/01/2018

IEC TS 63033 Drive Monitoring System enables drivers to see all around their vehicles

IEC TS 63033 Drive Monitoring System enables drivers to see all around their veh...

01/12/2017

New edition of ISO/IEC 17025 just published

New edition of ISO/IEC 17025 just published The go-to international reference for calibration and testing laboratories worldwide Geneva, Switzerland, 1 Decem...

27/11/2017

International Standard looks to curb theft of personal data

International Standard looks to curb theft of personal data Uber is making headlines for its reaction to the theft of the personal data of 57 million drivers ...

24/11/2017

Keeping people at the centre of smart city initiatives

Keeping people at the centre of smart city initiatives Developing smart city solutions that are citizen-centric and offer real value will be key to future suc...

26/10/2017

IEC, ISO and ITU receive Primetime Emmy award for excellence in video engineering

IEC, ISO and ITU receive Primetime Emmy award for excellence in video engineerin...

23/02/2016

Common terminology for information security management just revised

Common terminology for information security management just revised Geneva, Switzerland, 2016-02-23 - All information held and processed by an organization...

09/02/2016

New global platform to help cities become sustainable and smart

New global platform to help cities become sustainable and smart Geneva, Switzerland, 2016-01-15 - While we often hear about smart, sustainable cities, addi...

03/12/2015

Security toolbox protects organizations from cyber-attacks

Security toolbox protects organizations from cyber-attacks Geneva, Switzerland, 2015-12-17 - Cyber-attacks are among the greatest risks an organization can ...

27/04/2015

Is your workplace safe?

Is your workplace safe? Geneva, Switzerland, 2015-04-27 - When people go to work, they usually expect to carry out their activities in a healthy and safe e...

09/04/2015

When everyday symbols become art

When everyday symbols become art The IEC power symbol at MoMA Janice Blondeau It's not every day that the work of the IEC enters the realms of visual art...

07/04/2015

Have you ever been shocked?

Have you ever been shocked? Some simple rules and useful tools that protect against electric shock Claire Marchand Who among you hasn't at least once in...

19/03/2015

Powering the planet with water

Powering the planet with water The special link between water and energy Geneva, Switzerland, 2015-03-19 - On 22 March, World Water Day will be celebrated wi...

03/03/2015

Digital meets the visible world

The future of 3D printing Digital meets the visible world Gabriela Ehrlich e-tech attended a presentation by Carl Bass, CEO of Autodesk during CES. Carl Bass...

02/03/2015

Wearing it well

The great potential of wearables Wearing it well Antoinette Price Do you monitor yourself closely? Heart rate, carb intake, sleeping patterns? Do you track y...

26/02/2015

Getting Smart about Energy

IEC Systems Committee Smart Energy Systems Committee on Smart Energy to extend the scope of strategic or other horizontal groups to bridge areas covered by mor...

24/02/2015

Tech trends 05

Tech trends 2015 Insights from author of Digital Destiny Shawn DuBravac Gabriela Ehrlich The 2015 CES was again a show of records, reflecting the growing im...

23/02/2015

Leading from the front

Leading from the front Introducing 2014 IEC Young Professional Leaders Janice Blondeau During the IEC Young Professionals workshop in Tokyo in November 2014,...