Better Alignment with Dominant Global Security Standards Enables Cybertrust Customers to More Effectively Establish and Maintain an Information Security Management Program
HERNDON, Va.--(BUSINESS WIRE)--Cybertrust®, the global information security specialist, today announced that its Security Management Program (SMP) includes enhanced alignment with the ISO 17799 and ISO 27001 security standards. This allows SMP customers to more easily embrace and implement the ISO best practices around security controls.
ISO 17799 is a detailed security standard comprised of 11 major sections, including system access control, physical and environmental security, compliance and security policy. The chief purpose of the standard is to define information security best practices across the organization and to safeguard information technology systems and the integrity, confidentiality and availability of critical data. ISO 27001 complements ISO 17799 by establishing continuous, repeatable risk management practices in a dynamic business environment. Additionally, ISO 27001 features an information security management certification.
“ISO 27001 is fast becoming a de facto security standard throughout the world,” said Kerry Bailey, Cybertrust senior vice president of global services. “As organizations more fully embrace the ISO information security standards, it will allow them to derive additional value from their risk management and compliance programs. Cybertrust is pleased to offer enhanced alignment with these standards as a value-add to our SMP customers.”
Updated SMP security controls now directly map to the vast majority of the objectives and controls identified in ISO 27001. Additionally, the program accelerates ISO 27001 certification efforts by providing ongoing assessment and measurement of the most relevant ISO controls, as well as expert advice on corrective and preventive actions. For customers that want to embrace the ISO 27001 standard without pursuing a formal certification, SMP’s enhanced alignment with the standard improves their overall security posture and assists their efforts to evaluate and enhance key security processes and procedures. With SMP’s alignment reporting, customers can ascertain and demonstrate which ISO controls they are meeting.
Added Bailey, “For customers looking to self-certify or formally register, the SMP ISO alignment reporting offers a significant jumpstart. For customers that are embracing ISO as an information security best practice but not seeking ISO certification, this allows them to further demonstrate to partners and customers their due diligence in terms of security and compliance.”
Cybertrust Certified Enterprise customers already have access to regulatory alignment reports that demonstrate how the ongoing SMP assessment and validation activities map with their efforts to comply with various regulations, including the Sarbanes-Oxley Act, Gramm-Leach-Bliley Act and Health Insurance Portability and Accountability Act. With this update to SMP, the regulatory alignment report now also maps back to the ISO 17799 and ISO 27001 standards.
SMP is a robust, detailed and programmatic security and risk reduction program that addresses all aspects of proactive information security from network and system analysis to physical and policy inspection. The program helps organizations improve their overall security posture through the identification of critical assets; assessment and prioritization of threats; and mitigation of risks. The ongoing, systematic approach allows businesses to more easily facilitate regulatory compliance. Additionally, SMP helps to protect critical business systems from malicious attacks and other threats.