The Standard can help organizations increase their cyber resilience

Jul 19, 2013 17:31 GMT

The Information Security Forum (ISF) – a not-for-profit association that dedicates its activity to cyber, information security and risk management – has released the Standard of Good Practice 2013 (The Standard), a report that’s updated annually by the organization to reflect the latest aspects of the IT security industry.

“Managing information risk is critical for all organizations to deliver their strategies, initiatives and goals. Consequently, information risk management is relevant only if it enables the organization to achieve these objectives, ensuring it is well positioned to succeed and is resilient to unexpected events,” noted Steve Durbin, global vice president of ISF.

“As a result, an organization’s risk management activities – whether coordinated as an enterprise-wide program or at functional levels – must include assessment of risks to information that could compromise success,” Durbin added.

“The Standard is the industry’s most business-focused, all-in-one source of information security controls available, enabling organizations to adopt good practice in response to evolving threats and changing business requirements.”

Organizations can use The Standard to increase confidence in their ability to meet legal, contractual and regulatory obligations, and to prepare for major cyber security incidents that could have a serious impact.

In addition, it helps companies increase their cyber resilience so they can better respond to rapidly evolving threats.

The latest report also covers requirements from standards such as the SANS Institute’s “SANS 20 Critical Security Controls,” the UK Government’s “10 Steps to Cyber Security,” the British Standards Institution’s PAS 555, and the Australian Government’s “Strategies to Mitigate Targeted Cyber Intrusions.”

“With the introduction of mobile devices in the workplace (BYOD) and the development of cloud infrastructure, organizations need to be proactive in implementing security best practices, such as SANS 20 and PAS 555, to develop an effective security program to defend against cyber-attacks and other threats, both internal and external,” Durbin said.

The report is free for ISF member companies. Non-members can purchase it. For additional information, contact Steve Durbin at [email protected].