Financial Protection and Reputational Damage
Almost always, cybercriminals are out for financial gain. This is obviously incredibly annoying for the organization and its customers, perhaps worse than the financial damage is the damage to your reputation. Unlike financial damage, a dent in your reputation cannot be repaired with compensation. Indeed, in some cases an attack can lead to bankruptcy.
Information security goes further than you think
In most organizations, information security is linked to technical measures and physical security of a server, for example. However, this is not the full picture. Within your organization, everyone should know how important information security is. The vast majority (95%) of information security incidents are caused by human actions. Research by The Hague University of Applied Sciences on online behavior shows that:
- Almost 90% of respondents choose a weak password and more than 50% choose a password of less than seven characters.
- 21% of respondents click on the hyperlink of an unsafe email.
- 30% of respondents share personal information such as their full name, date of birth or email address.
This is what the guidelines of ISO 27001 aim at, among other things, "awareness. In fact, ISO 27001 states that in addition to technical measures, organizational measures must also be taken.
ISO 27001 and information security
The ISO 27001 standard focuses on establishing a system related to information security management, making information security a focal point. The standard contains several focus areas that a company can use to set up such a system. These include availability, integrity and confidentiality of information. In addition, the standard requires that employees receive some form of awareness training so that incidents can be prevented.
Want to know all about the ISO 27001 standard? Get your free ISO 27001 guide here!
.png)
