Financial protection and reputational damage

Cybercriminals are almost always looking for financial gain. Of course, this is extremely annoying for the organization and its customers, perhaps worse than the financial damage is the damage to your reputation. Unlike financial damage, a dent in your reputation cannot be repaired with compensation. In fact, in some cases, an attack can lead to bankruptcy.

‍

Information security goes further than you think

In most organizations, information security is linked to technical measures and physical security of, for example, a server. However, this is not the full picture. Within your organization, everyone should know how important information security is. The vast majority (95%) of information security incidents are caused by human actions. Research by The Hague University into online behavior shows that:

• Nearly 90% of respondents chose a weak password and more than 50% chose a password that is less than seven characters long.
• 21% of respondents click on the hyperlink to an insecure email.
• 30% of respondents share personal information such as their full name, date of birth, or email address.

‍

This is what the ISO 27001 guidelines aim for, among other things: awareness. Indeed, ISO 27001 states that, in addition to technical measures, organizational measures must be taken.

ISO 27001 and information security

The ISO 27001 norm focuses on setting up a system related to information security management, making information security a focus point. The standard includes various areas of focus with which a company can set up such a system. This includes the availability, integrity and confidentiality of information. In addition, the standard requires that employees receive some form of awareness training so that incidents can be prevented.

‍

Want to know everything about the ISO 27001 standard? Receive here your free ISO 27001 guide!

‍