Skills for Security have introduced the ISO 27001 standard to their array of courses to tackle the growing problem of information security threats faced by businesses today.
Skills for Security are delivering two courses; a one day introduction to the ISO 27001 and a two day ISO 27001 implementation course, both designed to enable companies to train their staff and adopt a best-practice approach to information security management across their business.
The greatest security threat faced by most companies today is not from outside attacks but from insider threats, either malicious or unintentional.
Companies generally protect themselves from outside attacks such as spam or phising emails, cyber-attacks and hackers but 2015 reports from IBM state that some of the biggest data breaches of the last 18 months are known to have been caused by insider threats, with 95% of insider breaches being the result of unintentional human error.
Insider threats from employees can vary in their form and accidental breaches may come from posting sensitive information on the company’s website or social media, sending information to the wrong party via email, fax, or mail, or improperly disposing of clients’ records.
Even those with the best of intentions, could lose information saved on a USB stick or inadvertently aid in an attack by clicking on a malicious link sent in a phishing email when opening via their phone.
There are many ways to reduce the risk or threats to a business but to reduce those of insider breaches staff awareness and training is essential to ensure that employees are fully aware of the potentials security threats they face.
Skills for Security ISO 27001 training course includes all legal, physical and technical controls involved in an organisation’s information risk management processes.
The one day introduction will enable learners to understand the standard, help them to improve their management processes and prepare their business for growth through achieving ISO certification.
The two day implementation course will enable learners to produce a high level project plan which identifies timescales, milestones and resource requirements to implement a robust information security processes and is aimed at those who are, or are planning to comply or certify ISO 27001.
Information security is a growing priority in most business and both customers and suppliers need to be assured that information security is taken seriously by organisations they deal with and that processes are in place to deal with security information threats.
Information is a major asset for any business. It adds value to an organisation and needs to be well managed and protected.