US boards need to pay more attention to cybersecurity, says expert

After PwC's survey found that boards of directors remain largely uninvolved with cybersecurity issues, expert Alan Calder is urging boards to pay more attention.

ASHLAND, OHIO, USA, May 21, 2015 /EINPresswire.com/ -- According to PwC’s 2015 Global State of Information Security Survey, boards of directors remain largely uninvolved in cybersecurity issues at most organizations. Many boards “find it difficult to understand how security technology works and identify the related tactical risks”, security budgets remain static as a consequence, and many organizations struggle to achieve adequate levels of information security.

Alan Calder, founder and executive chairman of international cybersecurity solutions provider IT Governance, says that it is essential for boards to get more involved with cybersecurity issues:

“According to PwC’s report, even though the number of security incidents increased 48% year-on-year, board-level input in this business-critical area remained low: only 25% of boards were involved in reviewing security and privacy threats. Cybersecurity is a business-critical issue, and can only be delivered effectively if pressure comes from the top down. Boards need to pay greater attention to the threats that their organizations face and be much more involved in reducing their susceptibility to attack. This means taking appropriate action to mitigate their vulnerability – and budgeting accordingly.”

If you’re tasked with implementing better security practices throughout your organization but find yourself lacking the necessary support, Alan expands on all of these points in his book Selling Information Security to the Board - A Primer, which explains how to get board-level backing for information security initiatives.

Recognizing that cybersecurity is an enterprise-wide necessity, the international standard for information security management, ISO 27001, sets out the requirements of an ISMS (information security management system) – a best-practice approach to information security that addresses people, processes and technologies.

ISO 27001’s risk-based approach enables organizations to implement cybersecurity best practices based on the risks they actually face, and by registering their ISMS to ISO 27001, businesses can demonstrate their commitment to cybersecurity to their stakeholders, as well as meeting their obligations under various data protection laws.

Organizations can painlessly achieve accredited registration to the Standard with IT Governance’s ISO 27001 Packaged Solutions – a fixed-price route to ISO 27001 registration comprising all the tools, resources, training and guidance you need to implement the Standard and ensure your cybersecurity.

Click for more information: www.itgovernanceusa.com/iso27001-solutions.aspx.

Alternatively, organizations can call IT Governance toll-free on 1-877-317-3454 or email servicecenter@itgovernanceusa.com for more information on how IT Governance can help protect their information security.

Melanie Watson
IT Governance
0845 070 1750