ON-LINE Security, ISO/IEC 27002 for Implementation - ISO/IEC 27001 for Verification

If we been following the news, cyber incidents have significantly increased, 300%+ in the USA; Over 2 million malaware discovered in the first-half 2015. Intrusions and attacks to information networks it's ongoing. Feedback from McAffee, shows that the large enterprise is the preferred choice over the small and medium, and this is not factual in the real world - it is reasonable to understand when the potential benefits are higher so it is the risk. The positive from the McAffee study shows that businesses with more upfront effort on prevention against attacks can end up spending less than a third as much as those that allow themselves to be reactive. 

The regulatory and legal frame of many countries is beginning  to address the issues of invading the privacy of Networks. As the need arise the existing legal frame must address the context of "cyberspace". Laws under the provisions of sabotage, bribery, destruction, infringement of copyrights, invasion of privacy and so on apply equally.

Even with "intruders" praying the global networks, e-commerce is a secure environment when an organization has a fundamentally robust and agile management system supporting the IT efforts.

At times, and to often, planning in developing and implementing an Internet solution suffers due to urgency and speed. This propitiate vulnerability in the objectives when focusing the planning uniquely in the competitiveness of the organizations. When security is contemplated as a risk from the onset of a project risk is reduced. At times "blitzing" to the latest technology is not prudent.

ISO/IEC 27002 and ISO/IEC 27001 (providing for mutual inclusion with ISO 9001, ISO 14001, ISO 22000...) assist in the implementation and maintaining safe best global practices to the day-to-day activities as well as in facing the challenges of proliferation and discontinuance of technology. Once implemented and maintaining, concurrently ISO/IEC 27001 and ISO/IEC 27002, provides the fundamentals for a basic secure network, in its newer revision adopting Annes SL format. Once implemented it propitiates the basis for updating and improving as technology and regulations advances.

For ISMS ISO/IEC 27001 | ISO/IEC 27002 implementation we advice training not exclusively in technological issues but in developing an infrasctucture of innovation through creativity responding to the needs of an organization prior to and not after responding to adversity.

E-commerce is safe. Secure channels is a practice used by the dot-coms. As you may observe in the identifier window of your browser https:// as this indicates that the information travels through an encrypted channel and special security. 

"Build a future even if doesn't arrive" - Its a reality that has come to pass, if not review the past dot-com wave.

The USA for being a hi-tech community has been on the vanguard of risk and networks and even addressing the issues of electronic terrorism. These attacks can attempt against the security of a nation or community, thus are not limited to directly proportionate financial issues which may include:

  • Intercepting the press media to create panic in communities, countries and not only the financial markets...
  • Invading the channels of electrical grids or water source to cutoff supply with the potential to create disasters...
  • Blocking communication channels (data and voice)...



ISO/IEC 17799 and TL 9000  
 Assisting in Cybercrime PreventionBack to Home Portal...