ISO 22301 Certification Overview

About ISO 22301

ISO/IEC 22301 Business Continuity Management helps organizations understand and prioritize the threats to business with the international standard for business continuity. ISO/IEC 22301 specifies the requirements for a management system to protect against, reduce the likelihood of, and ensure your business recovers from disruptive incidents.

Read More

What Are Common Vulnerabilities and Exposures (CVE) and the Common Vulnerability Scoring System (CVSS)?

CVE and CVSS featured

It seems like new vulnerabilities enter the mainstream every day. With the recent Log4Shell bug attracting significant attention as one of the worst vulnerabilities known to cybersecurity, many businesses are scrambling to understand their exposure and how the cybersecurity industry is responding. One way to understand these vulnerabilities is to look at security databases and classifications. Two of the most widespread frameworks for classifying and ranking vulnerabilities are the Common Vulnerabilities Exposures and Common Vulnerability Scoring Systems.

 

Read More

ISO 27018 Certification Overview

About ISO 27018

ISO/IEC 27018 is a unique information technology code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors. The cloud offers organizations and consumers a variety of benefits: cost savings, flexibility and mobile access to information top the list. It also raises concerns about data protection and privacy; particularly around personally identifiable information (PII).

PII includes any piece of information that can identify a specific user. The more obvious examples include names and contact details or your mother’s maiden name. But elements that people may not readily think of are medical records, IP addresses and banking statements.

Used with ISO/IEC 27001, ISO/IEC 27018 has been published to allow Cloud Service Providers whose infrastructure is certified to the standard to tell their existing and potential customers that their data is safeguarded and won’t be used for any purposes for which they don’t specifically give consent.

Read More