Archive for the ‘Information Security’ Category

Cost-effective route to ISO 27001 certification readiness

February 21st, 2012 by

Achieving ISO 27001 certification is the best way for an organisation to protect its information assets, mitigate the risk of cyber attack (and other forms of data breach), and win new business.

Risk assessment is critical to effective deployment of an ISO 27001 Information Security Management System (ISMS), and the hardest part of achieving ISO 27001 certification is the documentation.

A toolkit can accelerate your ISO 27001 project immensely. It enables a cost-effective route to certification readiness and the No 3 ISO27001 Comprehensive ISMS Toolkit has everything you will need.

No 3 ISO27001 Comprehensive ISMS Toolkit
Buy during February and get a free ICT Strategy Toolkit!

RRP: £1,931.90
Price: £1,795
You Save: £136.90


When you use our highly practical and informative books and tools to help you tackle the project, you receive unique guidance and support for your organisation – plus, with this package, you save money.

 

What does this toolkit contain?

 

Using the templates was the only way that we could deliver a 1st edition ISMS in under 6 months. Our deliverable was a work in progress but miles ahead of where they would have been without the templates.
Tim Moreton, President, Moreton & Co., airlinetechnology.net.

Accelerate your ISO27001 project with the help of this toolkit. Don’t hesitate – buy it today.

Webinar – Achieve ISO 27001 with effective Identity Management

February 16th, 2012 by

With the proliferation of critical data held in multiple systems, both on-premise and in the Cloud, and accessible by a growing number of managed and unmanaged devices, managing information security is becoming a real challenge.

We can help you to step up to the plate – and succeed!

You are cordially invited to attend a free webinar, hosted by Oxford Computer Group and with input from IT Governance Ltd, which explores the ISO 27001 standard and how its adoption helps bring information security under explicit management control. We also explore the role that an effective Identity Management solution plays in helping to achieve and maintain ISO 27001 compliance.

Aimed at information security professionals, this webinar will provide practical guidance and advice on how you can enhance information security whilst also meeting the increasingly complex demands for information access.

Agenda

  • Introduction to the key business challenges
  • The ISO 27001 standard and how it can help you
  • The roles of Identity Management in achieving ISO 27001 Compliance
  • Next Steps
  • Q&A

February 23rd, 11am UK time. Duration 30 mins.

To register for this free webinar, email us with your contact information, stating “ISO 27001 Webinar” in the email.

Our partnership

OCG partner with IT Governance for professional services advice, mentoring and project management services relating to Microsoft Forefront Identity Manager (FIM) 2010 implementations.

IT Governance is a leading player in ISO 27001 compliance and best practice consultancy, providing:

  • Bespoke mix of services and support tailored to any budget
  • Streamlined solutions, factored into ‘business as usual’
  • Skills and knowledge transfer through comprehensive training offerings and mentor and coach approach
  • Future-proofed solutions to ensure post-certification costs are minimised.

 

Our trusted advisers enable organizations to employ a flexible, self-service approach to Identity and Access Governance, based on best practice as defined in the ISO 27001 information security standard.

 

What they say about us

“We benefited hugely from IT Governance’s advice and they effectively mapped out the route we needed to follow. If I were faced with doing the project all over again, the first thing I would do is get an expert consultant in to make sure we were tackling things in the right way. IT Governance really know their stuff and immediately impressed us with their calm and reassuring approach.” Carol McCarthy, Head of Business Control, dsicmm

Protect your business and kick start your cyber security project

February 16th, 2012 by

Cyber crime is on the rise and all organisations need to ensure they protect themselves and their critical assets from cyber attack.

Accredited certification to ISO 27001 gives an organisation internationally recognised and accepted proof that its system for managing information security – its ISMS or cyber security readiness – is of an acceptable, independently audited and verified standard.

Use the ISO27001 Cyber Security Toolkit to implement ISO/IEC 27001, create an effective ISMS and combat cyber threats!

ISO27001 Cyber Security Toolkit
Get a free Cyber Security Self Assessment Tool during February!

RRP: £1,064.00
Price: £1,695
You Save: £169.00


Your focus needs to be on protecting your business from cyber attack.

The best way to do this is to align your information security management system to ISO 27001 – the world’s only recognised cyber security management system.

This toolkit provides all the tools and resources you need to implement your own cyber security project and align your business with ISO 27001, the world’s only cyber security standard.

Protect your business and kick start your cyber security project with this toolkit today!

Find out what’s included and buy before the end of February for a Free Cyber Security Assessment Tool!

Accelerate Your Career – Get Started with CISA Now!

February 15th, 2012 by

Are you looking for the premier qualification to enhance your career in information security?

More than 75,000 professionals in nearly 160 countries have earned the Certified Information Systems Auditor (CISA) certification since its inception in 1978. With a growing employment demand for staff possessing information security audit, control and security skills, CISA has become the preferred certification program by individuals and organizations around the world.

Put more simply – CISA certification will enhance your credibility and recognition and deliver higher earnings.

Recent research published by ISACA has found that 1,400 CISAs are now employed in organisations as the chief executive officer (CEO) or chief financial officer (CFO), while more than 7,000 serve as chief audit executives or audit consultants. In addition, 13,000 CISAs are currently employed in managerial or consulting positions in IT operations or compliance. (Source: What is CISA? – ISACA 2010)

The ITG Certified Information Systems Auditor (CISA) Training Course is designed to provide delegates with a comprehensive revision of all key subject domains and essential preparation for the CISA examinations held every year in June and December.

CISA – Certified Information Systems Auditor Training Course
15-18 May 2012 in London

Price: £1,595


Why choose IT Governance to help you pass CISA

  • We are dedicated to Governance, Risk and Compliance consultancy and training services
  • Our trainers are also our consultants and are ISACA qualified
  • We summarise the key content and highlight its relevance with practical examples
  • We help you prepare for the examination with practice questions and advice
  • We believe interactive classroom training to be the most effective method of training

As preparation is the essential ingredient to passing the CISA examination, we strongly recommend that all delegates purchase the ISACA Exam and Study Guides prior to taking the relevant course. IT Governance is the exclusive approved reseller of ISACA publications in the UK and all titles are available from our dedicated ISACA Certification Bookstore.

Ensure that you pass the CISA examination first time.

Book the ITG Certified Information Systems Auditor (CISA) Training Course now.

Fantastic deal on Cyber security training

February 14th, 2012 by

Cyber security is one of the most high profile issues facing businesses right now. ISO27001, together with the Code of Practice, ISO27002, provide an internationally recognised best-practice framework for addressing the entire range of risks which, taken together, may be described as cyber risks.

I’m writing to tell you about a fantastic deal we’re running on the 2-Course ISO27001 Training combination. It is now on special offer for just £1,695 and will begin on 21st February for 4 days in Manchester.

ISO 27001 Information Security Combination Course (Training Package No.1)
21-24 February in Manchester

RRP: £2,209.00
Price: £1,695
You Save: £514.00


The ISO 27001 Information Security Combination Course includes attendance at both the ISO27001 Certified ISMS Foundations course and the ISO27001 Certified ISMS Lead Implementer Masterclass.

By attending both courses you will cover all the key steps in preparing for and achieving certification first time.

Book this week and attend the Foundation Course FREE!

Are you cyber secure? Find out for just £70

February 13th, 2012 by

Are you cyber resilient? Could you survive a cyber attack?

The Cyber Security Assessment Tool is a cost-effective and innovative way of answering these critical questions.

All businesses must ensure they protect themselves from the growing threat of cyber crime, hacking and data breaches, whilst ensuring the protection of their brand and customer information.

The Cyber Security Assessment Tool will enable you to quickly assess which areas of your business are cyber secure, and which are not. Using a straightforward traffic light matrix you will quickly be able to identify the vulnerabilities in your organisation, what the threat level is and what impact this could have on your business.

Cyber Security Assessment Tool


Price: £70


The Cyber Security Assessment Tool is ideal for demonstrating to senior management and the Board where the key cyber vulnerabilities are. This tool is easy to use and gives you immediate answers and guidance on how to tackle your cyber security issues.

Find out your level of cyber security for just £70 >>>

For a more comprehensive solution organisations should align themselves with ISO27001, the international cyber security standard. The Cyber Security Toolkit will help your business achieve compliance to ISO27001, delivering robust cyber security whilst helping you win new business. The Cyber Security Toolkit includes the Cyber Assessment Tool.

Read more about the Cyber Security Toolkit here >>

Are your staff putting your business at risk? Hacker costs the Marriott hotel chain $1 million

February 10th, 2012 by

It’s one of the most inventive ways I’ve heard of attempting to land a job, but also one of the most stupid! Hungarian Attila Nemeth has been sentenced to 30 months behind bars for hacking into the Marriott Hotel’s network and extracting sensitive information. Nemeth then threatened to reveal the sensitive information, unless they offered him a job.

The leading global hotel chain reported the incident to the US Secret Service, which duly set up a sting operation in which they posed as representatives of the hotel in an interview situation. Obviously basking in the glory of his actions, Nemeth accepted an all-expenses-paid trip to the US to attend the interview. However, his number was up when he was lured into describing (probably gloating all the way) how he had hacked the hotel’s network and extracted the information.

It transpires that Nemeth had used Trojan emails to employees, allowing him to access the hotel’s servers and extract high level information.

What we don’t know, and what has yet to be commented on, is whether Marriott realised that this information had been accessed and extracted. Seemingly it was the blackmail threat from Nemeth that prompted them to check, and subsequently call in the US Secret Service to deal with the matter. But when would someone on the inside, or their internal systems, have let them know that they had suffered, and were still suffering, a breach?

For his troubles Nemeth was sentenced to 30 months behind bars. The Marriott estimated the cost of dealing with the incident between $400,000 and $1,000,000. Ouch!

Cyber security is a multi-faceted beast that requires a joined-up approach of robust systems and networks, regular penetration testing and frequent staff training. Staff training is often the forgotten man of cyber security, as businesses concentrate on the hardware and cyber aspect of security. Humans, however, have the incredible ability to sidestep and forgo all the security measures you put in place, purely by being ignorant or simply uninformed.

Ensure you know the risks posed to your business, and how to protect yourself >>>

Source: The Register

Implement Information Security Best Practice for COBIT

February 9th, 2012 by

Is your organisation implementing the COBIT IT governance framework?

Closely aligned with ISO27001, the ISO/IEC 27002:2005 standard serves as a practical guideline for all members of staff as they initiate, implement and maintain information security. An understanding of the best practice guidance as outlined in ISO27002 is essential to achieving the goals of COBIT.

COBIT is an IT governance control framework that helps organisations meet today’s business challenges in the areas of regulatory compliance, risk management and aligning IT strategy with organisational goals. Although information security is one of these goals, COBIT does not supply any guidance on how to achieve this objective. This is provided by the ISO27002 Standard, which draws on the experience of practitioners in over 40 countries to set out best practice for the delivery of an effective information security programme.

Information Security Foundation based on ISO/IEC 27002
23 February 2012 in London

RRP: £450
Price: £313.50
You Save: £136.50 (30%)


The one-day Information Security Foundation based on ISO/IEC 27002 training course is designed for anyone in an organisation who is responsible for the security of information assets and directly supports the implementation of COBIT.

Delegates attending the course will learn about:

  1. Information and data relationships (security, governance, assurance)
  2. Defining threats and vulnerabilities and understanding Risk Management
  3. Risk analysis with Impacts, Likelihood and Probability
  4. Required policies and an Information Security Plan
  5. External relationships with 3rd party organisations
  6. Protective marking and the relationship to Impact (Risk)

Achieve EXIN Certification

The Information Security Foundation based on ISO/IEC 27002 course is based on the EXIN Information Security Foundation syllabus and prepares delegates for the EXIN ISFS examination which is taken at the end of the day. Successful candidates will be awarded the EXIN Information Security Foundation Certificate.

Book on the Information Security Foundation based on ISO/IEC 27002 training course now.

 

If you are considering implementing COBIT in your organisation, we can also recommend that you consider attending our COBIT Foundation training course. Please see www.itgovernance.co.uk/products/2295 for further details.

New cyber security toolkit with free cyber assessment tool

February 7th, 2012 by

Our new Cyber Security Toolkit can help your organisation protect itself from the growing threat of cyber crime. This toolkit will ensure you protect your critical assets, instil confidence in your customers and help you win new business.

Until this Friday, 10th February, this toolkit comes with a free cyber security self assessment tool.

This tool will enable you to quickly assess which areas of your organisation are cyber secure and which require more attention. Read more about the assessment tool here >>>

The Cyber Security Toolkit

RRP: £1,864.00
Price: £1,695.00
You Save: £169.00


This toolkit provides all the tools and resources you need to implement your own cyber security project and align your business with ISO 27001, the world’s only cyber security standard.

The toolkit comprises:

Protect your organisation from cyber attack in 2012

Order the Cyber Security Toolkit >>>

Cyber Crime: Hindsight is a wonderful thing

February 6th, 2012 by

 

‘Time will only tell just how bad the state of e-Crime, and related matters stand, but one thing is for sure. It would certainly seem to be the only growing industry of the current day.’

John Walker speaking at the e-Crime Congress, 2009

This statement was made 3 years ago by Professor John Walker, CEO of Secure Bastion Ltd, at the e-Crime Congress. John and a small number of other security professionals were predicting darker things to come. But at the time, John and his friends were scoffed at and rejected for making such predictions, and told that cyber crime was in fact declining.

Now take a look at the current state of cyber crime. Data breaches at companies of all sizes are now a regular occurrence, phishing schemes are on the rise and even tensions between countries are building because of criminal activities over the Internet. Cybercrime is estimated to cost the global economy $388 billion, which is $100 billion more than the global black market.

If we had listened to John Walker back in 2009, would we be in the state that we are in today? Probably not. By 2012 we might have reached a global solution to fighting cyber crime, and information on how to beat it would be more freely available.

We are only now seeing the emergence of a united approach to data breaches throughout Europe. So how long will it take to achieve a united approach globally? Four, five more years? Can the economy wait that long?

It’s all well and good to look back on the past and discuss what we should have done, but we need to take steps to prevent what is happening now and for the future. Protect your business against cyber threats today.

Discover how to protect your business from cyber crime and risks >>