CCR Magazine

CCRi banner ad
You are here  :Home arrow News arrow Taking information security management to another level with a new standard for market sectors
Contact Us Newsletter Signup RSS Feeds

Latest News Headlines

Headlines

 
Commercial Credit News

Headlines

 
Taking information security management to another level with a new standard for market sectors PDF Print E-mail
Tuesday, 16 August 2016
With cyber threats on the rise putting businesses and industries at risk, it is more important than ever that organizations protect their information and that of their customers. It is no surprise, then, that ISO’s standard for information security, ISO/IEC 27001, has become so widely used. A new standard just published will take that a step further, helping to apply the requirements of this flagship standard to specific sectors. 

Offering more tailored protection for specific sectors (e.g. finance, transportation and healthcare, and infrastructure projects such as smart cities) to ward off threats to their information has become a political, business and economic imperative, driving a need for sector-specific cyber standards. The recently published ISO/IEC 27009 will help standards developers do just that, providing the necessary advice and guidance on how to create standards that apply ISO/IEC 27001 to individual sectors.

ISO/IEC 27009, Information technology – Security techniques – Sector-specific application of ISO/IEC 27001 – Requirements, joins the ISO/IEC 27000 family of standards to help maximize the effectiveness of ISO/IEC 27001. It explains how to include requirements and controls additional to those in ISO/IEC 27001 that are applicable to specific sectors, enabling them to achieve consistency when developing standards in this family.

Prof. Edward Humphreys, Convenor of ISO/IEC SC 27/WG 1, the working group that developed the standard, said ISO/IEC 27001 is the international common language for information security management, so ISO/IEC 27009 will enhance this common language across the sector landscape and shape the development of standards for sector-specific information security and privacy.

“We have already developed several sector-specific standards, such as ISO/IEC 27011 for telecoms, ISO/IEC 27017 for cloud computing and ISO/IEC 27019 for the energy sector. These standards are examples of where controls, additional to those in ISO/IEC 27001, have been defined to meet the requirements of the specific sectors concerned. In developing these standards, it became clear that a harmonized structure and language, based on ISO/IEC 27001, and specific guidance would make the development of future sector-specific standards more effective, and avoid duplication.

“ISO/IEC 27009 will ensure that the development of new, and the revision of existing, sector-specific standards can all adopt an approach that is consistent with ISO/IEC 27001. Therefore, it will provide advice on how to add to, refine or interpret the requirements of ISO/IEC 27001 and how to add or modify the implementation guidance of ISO/IEC 27002 for sector-specific use.”
 
CCRI
3 October - Guoman Tower Hotel, Central London 

CCRInteractive, in association with Marston Holdings , is the largest and leading one-day conference from the publishers of CCRMagazine – a truly national and international event for the credit industry.

This landmark event allows delegates to: Learn best practice of how to increase profitable sales in today’s economy. Understand the key compliance issues and how they will impact upon you. Discuss the legislative and regulatory framework and how it will effect you. Consider the potential effects of Brexit on your business. Discover the latest innovations in the market to improve your collections. Motivate your staff to achieve ever improved results.

To book to attend in 2017, contact Stephen Kiely  or Alison Lucas. To find out more about being part of this landmark event, please contact Gary Lucas
CCRI 

 Forums International Ltd

Forums International Ltd

 Attendance at your first meeting is free of charge, and please quote reference 'CCR2016' to receive the special 10% discount off of your first annual subscription.

Find out more here.

latest issue

CCR Cover

The latest edition of CCR Magazine, the leading editorial publication in the UK credit industry, is out.

Read the latest issue online

The Credit Excellence Awards

Awards 

Tuesday 3 October - Guoman Tower Hotel, Central London


Do not miss your chance to meet and network with the Winners and Finalists at the Credit Excellence Awards, in association with Hoist Finance.


To book your place to attend, please contact Alison Lucas.


subscriptions

CCR is the premier magazine for consumer and credit professionals. It provides an independent voice to the industry, breaking major news stories and running in-depth features.

As a magazine, it works with and campaigns on behalf of the credit industry to promote its importance as a centre of potential profit and business development to the wider business world.

Subscribe to CCR Magazine

CCR World Magazine


 

Providing information and analysis for thousands of senior credit professionals worldwide, every quarter.

Find out more

GTS Media Ltd
81 Cambridge Road
Southend-on-Sea
Essex
SS1 1EP

Registered in England No: 05483197