National standards body, BSI, has created a new specification PAS 555 Cyber security risk – governance and management to assist in the management of exposure to cyber security risk.
According to the Information Security Breaches Survey 2013 carried out by the Department for Business, Innovation and Skills (BIS) the cost of the worst breach of the year appears to have significantly increased, to £35,000 – £65,000 for small businesses and £450,000-£750,000 for large organisations.
The data in the survey demonstrates that having robust cyber security management helps protect the business, its reputation and the bottom line.
PAS 555 offers a framework that defines the outcomes of good cyber security practice. It extends beyond the technical aspects of cyber security to encompass physical and people security aspects as well. It can work on a stand-alone basis or can be integrated with existing protocols or standards.
Central to the framework is the requirement for a cyber security risk assessment. The creation PAS 555 arose from a need recognized by industry and also articulated in the government’s 2011 cyber strategy. The PAS is sponsored and supported collaboratively by Cisco, Control Risks, G4S, PA Consulting Group and Symantec.
The specification is aimed at the operational executive, board members and senior management, and is applicable to all sizes of organization.
Anne Hayes, head of market development for risk at BSI, says, “Many organisations today are still not aware which cyber issues are potential threats to their business. The outcomes-based approach offered by this specification helps them to identify those threats and tackle the issue of cyber security management effectively.”
Ed Savage, cyber security professional at PA Consulting Group says, “To date, most cyber security related best practice has focused almost exclusively on methods and the controls. PAS 555 instead focuses on the outcomes – the aims and impacts of security processes – and helps organisations identify the areas of their business that needs protecting the most.”
Printed Copy:
Would you also like to receive CIR Magazine in print?
Data Use:
We will also send you our free daily email newsletters and other relevant communications, which you can opt out of at any time. Thank you.
YOU MIGHT ALSO LIKE