Even though GDPR is right around the corner, it makes a lot of sense - practically and financially - to maintain your traditional information security measures, because compliance with the Data Protection Regulation both can and should build upon your existing security measures.
Our most recent blog post dealt with The three golden rules of a business continuity plan. This time, we continue in the world of business continuity planning and take a closer look at scenarios and strategies.
"How long should a business continuity plan be?" This is a question we often hear from our customers. My answer usually is: "As short as possible!" The truth is that the perfect business continuity plan (if such a thing exists) should be three - sometimes contradictory - things at once:
a personal data security breach
Our new white paper, GDPR - Handling Personal Data Security Breaches in Three Phases, considers the formal requirements for handling a personal data security breach in accordance with GDPR and sets out guidelines for the preparation and anchoring of appropriate contingency measures.
It is not just a huge help for general management when company risk assessments are based on concrete business goals. Business-based risk assessments also help information security managers to prioritize what scarce resources they have.
It is gradually becoming more and more necessary to actively secure management support for any new business initiatives – not least when it comes to information security. The support of decision makers is absolutely essential for the successful operation and development of a compliance programme. But how can we go about getting this support? Our CEO cuts through the rhetoric and offers up five pieces of advice to those responsible for information security.
There used to be many unknown factors for information security managers to take into account when implementing and maintaining a security standard. That is no longer the case. A compliance planning tool creates a well-arranged plan for the compliance work and automatically combines all the tasks in a single annual plan.
All alone in the world. This is a feeling that many security officers with sole responsibility for information security can recognise as they are faced with more and more requirements for their compliance programme, without any extra resources to help them carry out their tasks. But never fear, for we are here to the rescue with five great tips to increase efficiency and help management to better understand information security.
ISMS performance monitoring allows security officers to document specific business values while also enhancing the level of security within the organisation. A white paper provides inspiration on how to select, define, and monitor effects in an ISMS solution.