In October 2025, the second edition of ISO/IEC 27701 – Information security, cybersecurity and privacy – Privacy information management systems – Requirements and guidance was published. The major change is that the new edition of ISO/IEC 27701 has been revised as a separate standard for management systems. The standard sets out the requirements for establishing, implementing,…
The ISA/IEC 62443 series of standards represents the only globally consensus, comprehensive set of standards focused on Industrial Automation and Control Systems (IACS) security. This portfolio of standards and technical reports establishes a common vocabulary, risk model and control framework for industrial cybersecurity across industries. It addresses the entire security lifecycle of industrial systems, from initial…
ISO recently published the second edition of ISO/IEC 27018 – Guidelines for the protection of personal data in public clouds acting as PII processors. ISO/IEC 27018 provides guidelines for the protection of personal data in public cloud services, in particular when the cloud service provider acts as a processor of personal data. This standard, based on…
ISO/IEC 27400 provides guidelines for managing security and privacy in Internet of Things (IoT) systems throughout their lifecycle. It helps organizations identify risks, implement effective controls and ensure compliance, while strengthening resilience to cyber threats and building trust among stakeholders. PECB ISO/IEC 27400 Lead Manager training course The IoT environment is expanding rapidly, bringing new…
In May 2025, an updated ISO/IEC 27031:2025 – Cybersecurity – Information and communication technology preparedness for business continuity was released. What is ISO/IEC 27031? ISO/IEC 27031 provides guidelines for ensuring information and communication technology (ICT) readiness to support business continuity. It establishes a framework for ICT preparedness that aligns with broader business continuity objectives and helps…