Expertise IT security

Information security or IT security is becoming increasingly important. By training everyone involved (IT and non-IT) and giving more attention, a better level of security can easily be achieved.

Why information security

Information security is important from three perspectives:

• To prevent direct damage. Companies and organizations offer more and more services online. In order to prevent abuse, security must be in order.
• From privacy and data protection. All companies that process personal data are obliged to handle this properly and carefully.
• To prevent reputation damage. Anyone who does not have their security in order can appear negatively in the news and lose the trust of customers through this.

For these reasons, IT security is high on the agenda of many organizations. ICT Institute helps in taking practical steps to improve.

Standards and knowlegde

There is a lot of open available knowledge about best practices in the field of IT security. It is important that these practices are used more in companies. Important resources include the following:

• A summary of ISO 27001 and a summary of ISO 27002 items in parts one, two, three and four.
• Security Verified: an information security standard that can be used to demonstrate that an information security system is in place. The standard has been set up as openly as possible, with open criteria and a register.
• Information on the General Data Protection Regulation, including data protection officer (Dutch), the data breach reporting obligation, and the conclusion of processing agreements (Dutch).
• Open standards such as OWASP, SANS, CSCE

We also help organisations take technical steps, from password policy , using code scanning tools such as Microsoft Studio and also learning about OWASP.