dcsimg

How to write an information security policy – with template example

Information security policies are arguably the most important part of an organisation’s defences, as the biggest threat you face comes from employees.  Whether they’re making honest mistakes, ignoring instructions or acting maliciously, employees are always liable to compromise information. Technological defences can help mitigate the damage, but these must be accompanied by effective information … [Read more...]

3 tips to get the most from your information security audits

Your organisation won’t be able to protect its systems for long without an information security audit. That’s because cyber threats and the way your organisation operates is constantly changing, requiring you to regularly take stock of your security practices.  Whether you’re trying to certify to an information standard, meet legal requirements or perform an internal assessment of your current … [Read more...]

What is an ISMS and why does your organisation need one?

Those getting started in the information security industry might be wondering why experts are telling them to implement an ISMS. We’re here to explain.  An ISMS (information security management system) is essential for any organisation that’s serious about security. It’s a centrally managed framework that enables you to manage, monitor, review and improve your … [Read more...]

6 must-have information security policies

Information security policies are an often-overlooked part of an organisation’s defence measures. An effective policy informs the way employees handle cyber security threats, ensures that they use defence technologies properly and indicates board-level support for cyber security.  In this blog, we outline six essential information … [Read more...]

What is an information security policy?

An information security policy is a set of instructions that an organisation gives its staff to help them prevent data breaches. Employees are involved in many of the most common causes of security incidents, whether directly (such as accidental breaches) or indirectly (such as phishing scams), so thorough guidelines are essential. How do you create information security policies? Your … [Read more...]