Sometimes I feel like we’re already living in some weird, futuristic world that used to be the stuff of science fiction, you know, the world Hollywood portrays as being dark, overcast, and colorless, and where unthinkable laws and selfish practices abound. Our future is now decided by a generation of folks who barely know when, where, or how to vote, and when they do vote, their decision is based on, How will this affect me personally… in the next five minutes?
I have a theory about how this came to pass. We speak highly of the Greatest Generation, those hardy souls who struggled through the Great Depression and World War II with persistence, strength, and ingenuity. Naturally, they didn’t want their children to suffer as they had, and they worked hard to make everything easier for them. As any parent knows, it’s an understandable desire. But unfortunately, a couple of generations down the line, and we end up with a culture who believes they’re entitled to things, and if they suffer it is always someone else’s fault and they must be compensated.
The inherent brilliance of Americans has led to some amazing forward leaps in technology, while simultaneously creating a generation of young people who are well-connected in cyberspace but increasingly more disconnected on a personal level. In cyberspace you can be rude, disrespectful, anonymous, and regress to humans’ basest instincts.
This is a world now where a mother can establish detailed rules for her 13-year-old son’s cell phone use, and this event makes national news, seen to be as astonishing as the technology about which she’s establishing rules. She’s being praised (and yes, I agree, good for her); people want copies of the contract.
Some will say it is newsworthy because her contract was 18 points long. Okay, granted, neither my parents nor my friends’ parents ever wrote down the rules for us, but I bet if they had, there would have been far more than 18 points.
So on the one hand, I’m sad that such things make the news these days, but on the other hand, I applaud the contract-making mom for taking a stand for good parenting and drawing attention to the fact. Hopefully, many parents will be inspired, and it will be a step in the right direction. Parents, take note. The actions of future generations depend on your actions today. It all starts in the home.
Protecting a company’s assets was, until fairly recently, largely a matter of locks, keys and monitoring individual employees and visitors.
However, in a few short years, electronic data security rapidly overtook physical security as the key vulnerability to be addressed by any organisation wishing to survive in the new digital environment.
Information security management has become a key business discipline, and adoption of standards relating to it brings companies a number of benefits.
The ISO/IEC 27001 Information Security Standard
ISO/IEC 27001 is the internationally agreed specification for information security. It requires that management:
Systematically examines the organisation’s information security risks.
Designs and implements a coherent and comprehensive suite of information security controls and/or other forms of risk treatment.
Adopts an overarching management process to ensure that their information security controls continue to meet the organisation’s information security needs on an ongoing basis.
An Information Security Management System (ISMS) is an integral part of attaining and maintaining the ISO 27001 standard. An ISMS is a set of policies that brings information security under explicit management control.
The governing principle behind an ISMS is that an organisation should design, implement and maintain a set of processes and systems to manage threats to its information assets, thereby ensuring acceptable levels of information security are maintained over the long term.
Benefits of adopting ISO/IEC 27001
Many information security incidents are entirely preventable and the implementation of an Information Security Management System (ISMS) enables businesses to have a stronger information security presence and reduce the impact of incidents and costs resulting from a weak infrastructure.
ISO/IEC 27001 also incorporates the Plan-Do-Check-Act scheme. This allows the ISMS security system to be reviewed, updated and tailored on a regular basis to ensure it remains relevant and effective for the organisation.
ISO 27001 provides a company with assurance, knowing that the information which they hold is contained and monitored in a secure manner. It provides a framework for companies looking to enhance their Information Security Management System and develop and enhance best practice.
It can also be a deciding factor in contract tenders. Having ISO 27001 certification instils confidence and raises the general perception of the company.
Implementing an Information Security Management System (ISMS)
External consultants such as London-based QCC Information Security are qualified lead auditors with first-hand experience of the implementation of the required clauses and controls from this industry best practice.
They use their expertise to help:
Adapt the “Plan-Do-Check-Act” scheme to tailor the ISMS for each organisation.
Reduce the complexity of security controls and distil a clear and prioritised set of objectives.
Implement a risk based approach that is manageable and understood by the organisation.
Develop a security policy that is simple, concise and easily understood by your staff, ensuring they understand their security obligations.
In addition, external consultants will support you in a review of your existing security framework and help you understand whether your security controls are addressing the real threats to …