Cyberlink Security

Is ISO27001 a good basis for your Cyber Security Strategy?

In this series of posts I would like to explore how you might use ISO27001 as a solid foundation for your cyber security strategy. An ISO 27001 certification demonstrates the conformity of your company’s ISMS with the documented standards, so it is an essential part of your cyber security.

My name is Arthur Donkers and my experience with ISO27001 goes back to BS17799 (the infamous best practices list) and I have helped a number of small and large organisations to implement and audit an ISMS. But enough about me, let us focus on cyber and how to leverage the skills and expertise we already have with ISO27001 to build and operate a practical and effective cyber security strategy.

In this series of posts I will consider and answer the following questions:

– Why do WE need a cyber security strategy?

– What assets/values do I need to protect?

– What do I need to protect those assets from?

– How do I protect them?

– How can I maintain my cyber security position?

Keener readers will already have spotted the steps of the PDCA cycle in these questions. For those that are new to ISO27001, the PDCA cycle is the basis for your Information Security Management System (ISMS), and defines 4 steps that you need to perform for your ISMS: Plan, Do, Check and Act (hence the name PDCA). These steps more or less align to the chapters in the ISO27001 standard. We will look at all of these in future posts.

I would like to close this post with a loose definition of Cyber Security. While researching the term, it turned out a lot of people and organisations use the term Cyber in different settings, but find it hard to give a clear definition. Based on my personal experience and preference, I define cyber security as:

“The protection of digital information processing assets against abuse, disclosure, manipulation and other negative impact on you, your organisation or your stakeholders.”

This is a broad definition, I know, but it ties in with ISO27001 in a very nice way.

This concludes this introductory post. I hope you will join me for the next articles, in which I would like to answer, amongst other questions, “Why should an organisation have a cyber security strategy?” and “How can we make our cyber security strategy support our organisational goals and drivers?”.

Please subscribe to our newsletter to be sure not to miss any future posts, and do please contact me if you have questions or suggestions for specific topics.

Stay safe!

Arthur Donkers

Cyberlink Security Ltd.
