1. Latest News
  2. Submit Press Release
  1. PR Home
  2. Latest News
  3. Feeds
  4. Alerts
  5. Submit Free Press Release
  6. Journalist Account
  7. PRNewswire Distribution

Information Security needs management, says SGS


 
 
SGSsmall
SGSsmall
PRLog - Aug. 18, 2014 - CENTRAL, U.K. -- “Many organisations would claim that information is their most valuable asset, yet they don’t have the management commitment to ensure that information is secure,” says Richard Skipsey of SGS United Kingdom Ltd. “Managers delegate online security to the IT department and think the job is done.”

Yet the cost to UK plc of security breaches is “in the order of billions of pounds per annum…. (and) … it’s roughly tripled over the last year”, according to the 2013 Information Security Breaches Survey by the Department for Business, Innovation and Skills*.

The survey shows that 78% of large organisations were attacked by an unauthorised outsider in the last year and that smaller businesses, “which used not to be a target, are now also coming under increasing attack”.

The average cost to a large organisation of its worst security breach ranged from £450,000 to £850,000, while smaller organisations faced bills of £35,000 to £65,000 for the worst incidents.

Mr Skipsey welcomes the fact that the importance of management commitment, along with effective measurement, is emphasized in ISO 27001:2013, the revised international standard covering the security of an organisation’s information and IT systems.

“Effective information security must be championed, funded and managed at board level,” says Mr Skipsey. “It needs to be implemented as part of an overall business strategy, not in isolation.”

The strategy must also include all information that is valuable to an organisation – from research and design prototypes to forecasts and negotiating positions. It is also not limited to online activity and includes paper records, images and even conversations.

Mr Skipsey is Global Product Manager - ISO 27001 and ISO 22301 at SGS, the world's leading inspection, verification, certification, testing and training organisation.

SGS, which has been accredited by UKAS to assess ISO/IEC 27001:2013, has just updated its booklet on ‘Issues to be considered when establishing an Information Security Management System’ to reflect the changes since the initial standard ISO 27001 was established in 2005.

The booklet summarises the principal requirements for guiding and establishing an information security policy and system.

About SGS

SGS is the world’s leading inspection, verification, testing and certification company.  SGS is recognized as the global benchmark for quality and integrity.  With more than 80,000 employees, SGS operates a network of over 1,650 offices and laboratories around the world. www.sgs.co.uk

Photo:
http://www.prlog.org/12360752/1

--- End ---

Click to Share

Contact Email:
***@imageline.co.uk
Source:SGS United Kingdom Ltd.
Location:Central - London - United Kingdom
Industry:Business, Security
Tags:information security, Business, management
Shortcut:prlog.org/12360752
Verified Account Email Address
Verified Account Phone Number

Disclaimer:   Issuers of the press releases are solely responsible for the content of their press releases. PRLog can't be held liable for the content posted by others.   Report Abuse

Latest Press Releases By “

More...

Trending News...



  1. SiteMap
  2. Privacy Policy
  3. Terms of Service
  4. Copyright Notice
  5. About
  6. Advertise
Like PRLog?
9K2K1K
Click to Share