“It’s like a waterfall”, explains Charlie in the car on the way to CrossFit. It’s the day after he’s finished the ISO 27001 audit and he’s about to have a much deserved lunch break, after chatting to us about the impact of this certification. “Once a business starts the process of getting ISO 27001 certified, all the other businesses in their supply chain are required to align with the same level of security.”
According to the World Economic Forum's 2023 Global Cybersecurity Outlook, cyber-attacks increased 125% globally in 2021, with evidence suggesting a continued uptick through 2022. “It is important, now more than ever, for businesses to be prepared”, continues Charlie. “Occasionally we have companies approach us for help with security, as part of a contract to win a new client. But information security isn’t something that can be rushed. It’s a bit like going to the gym: you can’t expect to go to one or two classes and be fit and healthy forever more. The same goes with cyber security: you have to constantly be monitoring and assessing new risks, whilst ensuring you have a resilient and adaptable management system to help you deal with the threats that arise”.
To address the growing cyber security challenges that businesses face and are yet to face, ISO 27001 exists as the world's best-known standard on information security management. “As part of the audit, we had to put together a policy which defines what the risks are to our business, how we go about assessing and reducing those risks, and then demonstrating how we will monitor and track any future threats.”
“It’s got to come from the top”, explains Charlie. “Every person in an organisation, from the MD to the freelancer, has to have an understanding of information security in all its forms. Yes, we now have the ISO 27001 certification, but more importantly we have a robust system of managing risk on an ongoing basis”.
“At the end of the day, the goal of ISO 27001 is to increase and enable business. We want our clients and their supply chains to see LeftBrain as a trusted technology partner, who will go above and beyond to keep systems, devices and information secure.”
If your business is interested in becoming ISO 27001 certified, get in touch and we can arrange an initial consultation with one of our information security experts.
If your business is interested in becoming ISO 27001 certified, get in touch and we can arrange an initial consultation with one of our information security experts.