Cyber Essentials and ISO 27001
Visit: www.pgitl.com

Steve Mair, Senior Cyber Security Consultant
@PGICyber and @SteveMair13

3 Questions to Start
Do you know…
What percentage of FSB members have Cyber Essentials or ISO 27001? 2%
Source: FSB “Cyber Resilience: How to protect small firms in the digital economy”

Did you know…
• 49% Phishing emails
• 37% Spear phishing emails
• 29% Malware attacks
• 24% Password Policy
• 4% Documented incident plan
Source: FSB “Cyber Resilience: How to protect small firms in the digital economy”

Complicated is not always best

Today’s Topics
• Cyber Essentials
• ISO 27001
• How do you choose
Cyber Essentials and Cyber Essentials Plus

The journey so far
• 2011: Making the UK a Safer Place to do Business
• 2012: Ten Steps to Cyber Security
• 2014: Cyber Essentials

Why Cyber Essentials?
• Government requirement
• Industry recognition
• Threat protection
• Customer expectation

Content
• Boundary Firewalls and Internet Gateways
• Secure Configuration
• Access Control
• Malware Protection
• Patch Management
• External Penetration Test
26 controls in total

How
• Self Certification
• Third Party Certification
• Annual recertification
ISO / IEC 27001

The Journey
• 1995: BS7799 Introduced
• 1998: BS7799 Revised
• 2000: Adopted as ISO/IEC 17799
• 2005: ISO/IEC 17799 Revised
• 2007: Adopted as ISO/IEC 27002
• 2013: ISO/IEC 27002 Revised

Why ISO 27001?
• Global brand
• Industry recognition
• Threat protection
• Customer expectation

Content
• Information Security Policies
• Organisation of Information Security
• Human Resources Security
• Asset Management
• Access Control
• Cryptography
• Physical and Environmental Security
• Operations Security
• Communications Security
• System Acquisition, Development and Maintenance
• Supplier Relationships
• Information Security Incident Management
• Information Security aspects of Business Continuity Management
• Compliance
114 controls in total

How
• Timescales
• Third Party Certification
• Maintenance Visits
• 3-Yearly Recertification
Cyber Essentials v ISO/IEC 27001

Comparison
              CE          CE Plus     ISO 27001
Review        Internal    External    External
Frequency     Annual      Annual      3 Years
Domains       5           5           14
Controls      26          26          114
Time          1-2 Days    3-5 Days    6-9 Months
How do you choose?

• Costs
• Benefits
• Risks
• Opportunities
• GDPR

Today we talked about…
• History
• What they are
• Selection
• Next steps

Remember… Complex is not always best
[Photo: Romantik Seehotel Jaegerwirt in Austria. Photo: CEN]

Thank You
• PGI Portal: https://cyberservicesportal.pgicyber.com
• PGI Services: https://pgicyber.com/products
• This presentation: http://bit.ly/2jCnDMT
@PGICyber and @SteveMair13