IT security begins on the executive floor: BSI updates security manual
The Federal Office for Information Security (BSI), together with the Internet Security Alliance (ISA), has developed a manual on cyber security for management. The BSI has now published an updated version that also describes the establishment of a corresponding corporate culture. The “Management of Cyber Risks” handbook is intended to help convey the importance of IT security at management level and to integrate it into the risk management strategy.
The updated handbook now contains six principles. The section on a corporate culture that consistently takes IT security into account and thus increases the resilience of the company is new. Also new is a BSI toolkit that accompanies the handbook and is intended to illustrate its principles using instructions.
Security department needs backup
In its release notice, the BSI also emphasizes that those responsible for IT security need sufficient backing from the executive floor. The latter would also have to develop their own understanding of the threat situation. In any case, the ISA is convinced of the document: “A study published by the World Economic Forum and the Massachusetts Institute of Technology (MIT) showed that users of the manuals can expect 82 percent fewer cyber incidents without the costs increasing”, said Larry Clinton, President of the ISA, on the occasion of the initial publication of the cooperation product.
“Cyber Risk Management” emerged as part of the Alliance for Cyber Security. The 36-page document is now available for download on the Allianz website.