SME guide for the implementation of ISO/IEC 27001 on information security management

In the framework of the EU-funded actions for support to SMEs in standardisation by Small Business Standards (SBS), the European DIGITAL SME Alliance (DIGITAL SME) published an SME Guide for the implementation of ISO/IEC 27001 on information security management. ISO/IEC 27001 is the international standard for companies that need a robust approach to managing information security and building resilience. With its Guide, DIGITAL SME wants to help SMEs better understand ISO/IEC 27001 and assist them in its concrete implementation.

How can this guide be helpful for Small and medium sized enterprises?

  1. SMEs make up the vast majority of businesses in Europe, outnumbering large corporations and employing more people. They are recognised to be a driver for innovation in Europe.
  2. Most SMEs underestimate their risk level for cyber-attacks, in the belief that they do not handle any information worth staelaing.
  3. However, small businesses have a lot of digital assets compared to an individual user and they often have fewer security measures in place than larger organisations.

The SME Guide for the implementation of ISO/IEC 27001 was developed by information security experts appointed by recognised SME and cyber-security trade associations of various European countries. The guide is written for and is applicable to SMEs that rely on technological assets. Its guidelines can be easily implemented by any organisation, whatever their size or complexity.

Based upon ISO/IEC 27001 content, the Guide describes a a wide array of practical activities that can significantly help with establishing or raising information security levels within an SME. Workshops and dedicated training sessions will be made available by SBS and DIGITAL SME throughout 2018 in order to present the Guide to SMEs and interested users.

The guide is freely accessible and downloadable here!

News

Cyberwatching.eu Project of the Week: CyberSec4Europe

The CyberSec4Europe project, one of the four pilot projects aimed at establishing a European Cybersecurity Competence Network has just been launched on February 28 in Brussels.

During its 42 months of duration, the project will align and interconnect a vast pool of research excellence in existing centres and research facilities, bringing together cybersecurity expertise in an interdisciplinary manner while developing a governance model for the future European Cybersecurity Competence Network.

Future Events

Cyber Insurance and its Contribution to Cyber Risk Mitigation - Leiden March 25-29
25/03/2019 to 29/03/2019
Image:

The rise in both the scale and severity of recent cyberattacks demands new thinking about cybersecurity risk and the mitigation and transfer of that risk. Cyber insurance is one potential way to manage risk by transferring damage liability, but the cyber insurance market is immature and the understanding and actuarial knowledge of cyber-risk is currently underdeveloped.

e-SIDES workshop 2019
02/04/2019
Image:

e-SIDES workshop: Towards Value-Centric Big Data: Connect People, Processes and Technology

BRUSSELS

2 April 2019

10am to 4pm

 

e-SIDES is a research project funded by European Commission H2020 Programme that deals with the ethical, legal, social and economic implications of privacy-preserving technologies in different big data context.