A resilient organisation can anticipate and respond to threats and opportunities arising from sudden or gradual change. In order to meet its objectives, thrive and survive, the organisation must be able to absorb change and adapt to a changing environment. Increasing resilience should therefore be a strategic goal of each organisation. Many factors influence the true resilience…
The currently valid international standard ISO/IEC 27002 was issued in 2013. A new version will soon replace it. The new structure introduces a breakdown of information security controls according to categories and several other attributes. The latest version of the standard defines new controls, changes the original controls and combines some controls. This article briefly describes the…
Information security and privacy are closely linked. And setting the right level of information security and privacy cannot be done without managing risks that can affect both organisations and individuals. Information security and privacy risks Information security risks relate to breaches of the confidentiality, integrity and availability of business processes or information. Organisations may use…
Generally, binding laws, standards and various norms determining the rules of conduct are an everyday part of our lives. Enormous developments, especially in information technology, business approaches and related regulations, force organisations, whether in the private or public sector, to streamline their activities. When it comes to efficiency in managing the management and control of…
Information security and cybersecurity are closely related and overlap but have different goals. Information security addresses the confidentiality, integrity and availability of information, while cybersecurity is primarily concerned with protecting the lives, health and property of people and organisations, society and nations as a whole.