Cybercom first with interactive solution for SIS IT security standards

Interest in ISO certification for information security is increasing. SIS standards form the basis for information security management in the private and public sector. Cybercom is the first company to offer companies and authorities SIS IT security standards via an interactive portal.

"This is a great business opportunity for us. SIS IT security standards are increasingly important in the public sector, and the number of projects in this area is increasing,” says Tomas Rimming, business area manager for Secure at Cybercom Sweden East. “Also, our solution facilitates security work for banks and other companies.” The Swedish Standards Institute (SIS) develops globally recognised standards for information security management that include the SS-ISO/IEC 27001:2006, SS-ISO/IEC 27002:2005 and SS-ISO/IEC 27005:2008 standards. SIS provided Cybercom with an opportunity to offer integrated operational support for companies and authorities via interactive access to standard requirements through its Cybercom Compliance Portal. The Cybercom Compliance Portal can for instance distribute security requirements inside a business and consolidate operational feedback – per requirement – about how operations meet each requirement. The portal also integrates support for risk analyses, action analyses, and provides a starting point for incident management and other common security-related processes. "These standards are often found on paper or PDF, but there hasn’t been an integrated operational system for really implementing them in an operation," says Bengt Berg, manager of Compliance Management Services at Cybercom Sweden East. “Our portal makes this possible, and improves security efforts. Businesses also gain access to rational methods for status reporting and risk analysis, and can easily evaluate optimal security-tightening measures. The solution also works for other management systems such as environmental, quality, and regulatory requirements.” “We’re really excited to see the IT security standards ISO 27000 series integrated in an online tool that facilitates two-way security management communication,” says Helen Strandgren at SIS Förlag. “We’re hoping to reach new markets by delivering standards this way.”