Can you afford not to?
We seem to be hearing more and more about 'data breaches' - those occasions in which large, trusted companies appear to have allowed confidential records to leave the safety of their virtual filing cabinets, destined for the welcome embrace of cyber criminals. A vocabulary that did not exist in the days when filing cabinets were office necessities is now common parlance in the corporate world: cybercrime, malware and phishing are terms notorious to us all. And they represent activities being increasingly pursued by a startlingly large number of people.
Some of the estimated 250,000 malicious programs created daily can penetrate any unprotected digital management system. Creating malware does not require a high level of expertise. The 'black hat hackers' who develop the malevolent software or simply find it and use it for their illicit intentions are enjoying some profound success.
The largest data breach that has happened so far saw all 3 billion registered Yahoo accounts as its victims. Names, email addresses, dates of birth and telephone numbers were launched into cyberspace, only to land in the public domain, causing untold chaos and a reported $350 million reduction in the company's value.
How about Superdrug, who were contacted by hackers with claims that details of 20,000 customers had been exposed? Even the much-loved Butlin's admitted that some 34,000 guest records were obtained by unscrupulous individuals with a penchant for breaking cyber security protocols. The list could go on.
With the estimated annual cost of data breaches across the globe now at least $800 billion, cybercrime looks here to stay. But that's not the end of the story. Although never a fairy-tale, there may be a happy ending.
ISO 27001 is the internationally-acclaimed Standard that ensures a company has a comprehensive information security management system in place. Designed to strengthen your data security, certification to ISO 27001 mitigates reputational and financial risk while reassuring your customers that their data is safe with you. The two-stage certification process covers analysis of your information management policies as well as a detailed look at systems in action, providing a positive steer for continual improvement.
There will always be those charming emails with their promises of windfalls in international currency from the philanthropic departed, or similar opportunities to enter a financial nirvana just by the click of a mouse. You may also be invited to rekindle communication with a long-forgotten business contact via a cordial request to upload virtual venom to your machine.
However, adopting a robust framework to empower your people to identify and deal appropriately with such threats will minimise the disruptive impact on your activities. Securing your information assets will help you meet GDPR requirements while giving peace of mind that you have implemented the strongest possible barriers against the dangers of attack.
Amazon, Apple and Microsoft are just three high-profile companies who now hold ISO 27001 certification, but the Standard is available to organisations of any size and within any sector who care about keeping their data safe. The number of companies achieving the Standard is growing at a rate of 20% each year with some of the largest growth seen in Japan and China - two giants in the seemingly eternal technological revolution.
Leaders of companies that are particularly data-rich and, therefore, data-sensitive are keen to embrace a framework that monitors and manages threats to business continuity.
Is it time you joined them? Can you afford not to?