Rolling Meadows, IL, USA (27 May 2015)—To help small- and medium-sized enterprises (SMEs) prepare for and manage cybersecurity risk and threats, ISACA, a global association serving 140,000 information systems professionals, has published two new guides: Cybersecurity Guidance for Small and Medium-sized Enterprises and Implementing Cybersecurity Guidance for Small and Medium-sized Enterprises. The publications work in tandem: first to establish a standard based on the COBIT 5 framework and then to provide hands-on cybersecurity guidance.
According to the guides, while cybercrime at SMEs is increasing, cybersecurity programs have lagged because of cost and poor performance. The guides provide tips on how even SMEs with limited resources can reduce attack risks with a prudent cybersecurity strategy.
“Today, cybercrime and cyber warfare are not restricted to large enterprises—SMEs are being targeted, as well. No enterprise is 100 percent secure,” said Robert E Stroud, CGEIT, CRISC, international president of ISACA and vice president of strategy and innovation at CA Technologies. “Stakeholders need to understand that cybersecurity is a constantly evolving process—not an end result. These guides are well designed to help smaller organizations implement robust security strategies and governance.”
Cybersecurity Guidance for Small and Medium-sized Enterprises is based on COBIT 5, a business framework for the governance and management of enterprise information and technology. It focuses on cybersecurity guiding principles, governance, risk management and assurance.
The companion guide, Implementing Cybersecurity Guidance for Small and Medium-sized Enterprises, is based on eight principles, including understanding end user behaviors, stating the business case and establishing governance.
Cybersecurity Guidance for Small and Medium-sized Enterprises and Implementing Cybersecurity Guidance for Small and Medium-sized Enterprises are each available in print and online for US$35 for ISACA members and US$60 for non-members at www.isaca.org/cyber-guidance and www.isaca.org/implementing-cyber-guidance.
A global association of 140,000 professionals in 180 countries, ISACA (www.isaca.org) helps business and IT leaders build trust in, and value from, information and information systems. Established in 1969, ISACA is the trusted source of knowledge, standards, networking, and career development for information systems audit, assurance, security, risk, privacy and governance professionals. ISACA offers the Cybersecurity Nexus™, a comprehensive set of resources for cybersecurity professionals, and COBIT, a business framework that helps enterprises govern and manage their information and technology.
Rachel Acevedo, +1.847.660.5617
Joanne Duffer, +1.847.660.5564