Issue Ten • September 2023

orderForm.title

orderForm.productCode

orderForm.description

orderForm.quantity

orderForm.itemPrice

orderForm.price

orderForm.totalPrice

orderForm.deliveryDetails.name

orderForm.deliveryDetails.accountNumber

orderForm.deliveryDetails.phone

orderForm.deliveryDetails.poNumber

orderForm.deliveryDetails.email

orderForm.deliveryDetails.companyName

orderForm.deliveryDetails.billingAddress

orderForm.deliveryDetails.deliveryAddress

orderForm.deliveryDetails.deliveryDetailsDeliveryAddressSameAsBillingAddress

orderForm.deliveryDetails.address1

orderForm.deliveryDetails.address2

orderForm.deliveryDetails.city

orderForm.deliveryDetails.state

orderForm.deliveryDetails.postCode

orderForm.deliveryDetails.country

orderForm.deliveryDetails.additionalInformation

orderForm.noItems

18 Cyber security

“Organizations must adapt to the idea that individuals are a key part of security control, just as much as the environment created by the employer.”

understand and mitigate the risks of cyber-attacks with the right systems and procedures in place,” says Tim. Another element to add to the

risk profile is the increase in hybrid working, initially caused by the Covid-19 pandemic. Employees splitting their time between home and the office has since become the norm. Despite this, many businesses are operating on an ad hoc basis rather than having developed policies and systems to reduce risk. While working from home,

employees are outside of company security firewalls, with less supervision and fewer technical controls. Devices and documents can be lost, viewed by non-employees or misused. This has added a new level of risk, yet only 23% of businesses have cybersecurity policies that cover home working. “There is no going back to pre- pandemic ways of working,” says Joy Tan, Senior Standards Manager,

Digital, at BSI. “Organizations must adapt to the idea that individuals are a key part of security control, just as much as the environment created by the employer.” To take account of the increased risk arising from the growth of hybrid working, ISO/IEC 27002, has recently been updated (see BS EN ISO/IEC 27002:2022 Information security, cybersecurity and privacy protection – Information security controls). The standard provides guidance for managing information security risks by implementing security controls within the framework of an overall information security management system (ISMS).

The ISO/IEC 27001 standard was also updated in 2022. This key standard is the cornerstone of the international ISO/IEC 27000 series of standards on information security management. Very widely used and globally recognized, ISO/IEC 27001 provides requirements for the development and

Cybersecurity solution pack Click to read

operation of an ISMS. In a further move to make the information security standards more accessible, BSI has put together a Solution Pack. The comprehensive Solution Pack includes the standards and supplementary content to help businesses significantly improve the security of their data and information (see pop up above).

The increase in hybrid working has increased the risk of cyber attacks

“It guides organizations through

the process of adopting information security best practices to effectively prevent cyber-attacks,” says Tim. “By providing the essential security standards alongside bespoke supplementary material in one place, it has never been easier to take that next step to future-proofing your organization.”

Contents

Subscribe

Contact us

Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7 | Page 8 | Page 9 | Page 10 | Page 11 | Page 12 | Page 13 | Page 14 | Page 15 | Page 16 | Page 17 | Page 18 | Page 19 | Page 20 | Page 21 | Page 22 | Page 23 | Page 24 | Page 25 | Page 26 | Page 27 | Page 28 | Page 29 | Page 30 | Page 31 | Page 32 | Page 33 | Page 34 | Page 35 | Page 36 | Page 37 | Page 38 | Page 39 | Page 40 | Page 41 | Page 42 | Page 43