After a quiet period of non-activity on my blog due to rather extensive commitments at home and with my new job, I was recently approached and asked if I would like to put together an article for Cecile Park Media, who write and publish numerous journals on law and technology, including Cyber Security.
I wrote for them once before with an article titled “Modern Day Policing and the fight against Cyber Crime”, which was published in their May issue back in 2015. This time I was asked if I would consider doing more on Information and Cyber Security, to which I was both flattered and also very happy to agree to the request.
The article is titled “ISO 27001 and 27002: Going back to basics on Security” and discusses how I feel organisations and businesses should consider taking a step back, reviewing their Information Security plans and policies, and starting off with the basics before spending huge amounts of money on potentially unnecessary controls, whilst giving the CISO (Chief Information Security Officer) full support to implement a comprehensive and holistic Information Security Management System (ISMS).
The article goes into a little bit of detail as to the things to consider, how to use both the 27001 standard and 27002 guidance together to build the ISMS to suit the organisation, and recommends ways in which to better support and educate staff on best practices both at work and at home.
The link for the journal issue can be found here:
Unfortunately, it is currently behind a paywall for the journal, but you can sign up for a free trial quite quickly, or alternatively I’m allowed to post a PDF copy of the article (not the rest of the journal) 30 days after publication, which I’ll be sure to do.
I hope you enjoy the article, and if anyone has any feedback or comments then don’t hesitate to let me know.