The Information Security Forum (ISF) has published a major update to its Standard of Good Practice for Information Security for IT security professionals.
The Standard, as it is known, is a comprehensive guide to internet security best practice, providing organizations with a ready-made framework for responding to and managing major incidents. The latest edition shows a major restructuring of the guide.
“The revised design approach of the 2016 Standard has enabled systematic coverage of four new or enhanced life cycles that often require a great deal of information security protection,” the ISF explained.
The four life cycles of information security, as defined by the Standard, are employment, information, hardware and system development.
“The increasing pace of change, shifting global threat levels, growing reliance on the supply chain and greater demand for efficacy from stakeholders represent some of the numerous challenges organizations are facing today,” said Steve Durbin, managing director of the ISF.
“The Standard … provides extensive coverage of information security topics including those associated with security strategy, incident management, business continuity, resilience and crisis management.”
A thorough approach to internet security is becoming more important than ever, as demonstrated by a recent KPMG report.
The paper found that eight in every 10 cybersecurity executives admitted their company had been compromised by a cyberattack in the past 24 months.