InsiderSecurity is now ISO 27001 certified

InsiderSecurity achieves ISO 27001 certification, honored with Quality Excellence Award

In today’s digital landscape, safeguarding sensitive information against cyber threats is paramount. InsiderSecurity recently attained ISO/IEC 27001 certification. This accomplishment, marked by an audit with zero findings, showcases our dedication to information security, data protection, and quality through maintaining robust security systems and reliable processes.

What is ISO/IEC 27001:2022?

ISO/IEC 27001:2022 is a globally recognized standard for information security management systems (ISMS). It provides a systematic approach to managing sensitive company information, ensuring its confidentiality, integrity, and availability. Achieving this certification involves implementing a robust set of policies, procedures, and controls to safeguard data assets against potential threats, vulnerabilities, and breaches. Compliance with ISO 27001 signifies a company’s ability to implement and maintain robust security measures that align with international best practices, enhancing trust among stakeholders.

Why is ISO/IEC 27001 important for our customers and stakeholders?

Attaining ISO 27001 certification embodies InsiderSecurity’s commitment to protecting data, fortifying our infrastructure against cyber threats, and maintaining the trust of customers and stakeholders. This certification demonstrates:

  • Commitment to security: ISO 27001 certification demonstrates our dedication to robust security measures and our capability to safeguard sensitive information.
  • Focus on customers and partners: Our certification helps our customers and partners meet their security and compliance requirements.
  • Risk Mitigation: ISO 27001 mandates a proactive approach to identifying and addressing security threats. This certification minimizes the risk of data breaches, ensuring the protection of your invaluable information.

The rigorous ISO/IEC 27001 certification process

Our journey towards ISO 27001 certification was marked by meticulous planning and collective efforts across all departments. The process involved an in-depth analysis of the risk profile and existing security measures. To align with ISO 27001 standards, we implemented stringent policies and controls, guided by the framework’s 114 controls across 14 distinct categories outlined in ISO 27001 Annex A.

Throughout the certification process, several requirements needed to be met. This process enabled us to fortify existing policies and controls, ensuring an elevated level of security aligned with the expectations of our customers and external stakeholders. Here are some of the controls we have in place to meet ISO 27001 requirements:

  • MDM (Mobile Device Management) solution for endpoints
  • EDR (Endpoint Detection and Response) solution for endpoints
  • DLP (Data Leakage Prevention) solution for endpoints
  • Physical security in the office compound
  • Inventories and asset tracking process
  • Secure Software Development Life Cycle
  • Secret management process
  • Formal due diligence process to assess the security risk of our suppliers
  • Staff cybersecurity training process

Our existing security solutions, like Automated UEBA (User and Entity Behavior Analytics) and CSX, helped us detect any unusual activity in our cloud systems, meeting the logging and monitoring requirements of the ISO 27001 standard. After the grueling certification process, we completed the audit with zero findings.

Quality Excellence Award

InsiderSecurity is honored to receive the Quality Excellence Award from BSI, recognizing our exceptional performance in security processes. This accolade follows the successful passage of the ISO 27001 audit without any findings, showcasing our commitment to maintaining robust security systems and processes.

Kin Siong, Chief Information Security Officer (CISO) at InsiderSecurity, expressed gratitude for receiving the award during the networking lunch hosted by BSI, remarking, “It was truly an honor to be bestowed with the Quality Excellence Award.”

The award ceremony, where Kin Siong, the Chief Information Security Officer (CISO) of InsiderSecurity, received the Quality Excellence Award during a networking lunch hosted by BSI
