ISO27032.com aims to be the leading edge in cyber risk management.
Cyber risk will continue to attract much attention from media and corporates. There are concerns that organisations will not have sufficient resources to keep pace with their cyber risk exposure. Guidance such as ISO27032 and standards such as ISO27001, NIST, etc have become part of the cyber hygiene. This website is dedicated to cyber security.
Difference between ISO27032 and ISO27001
As you would know ISO27032 is dedicated to cyber risk. The main implementational difference between ISO27032 and ISO27001 is that the former is guidance. Therefore, you cannot obtain a certification which you would in the case of ISO27001, PCI-DSS, etc. This is hardly a surprise; given the dynamic nature of cyber risk.
What does ISO27032.com deliver?
We will provide recommendations on concrete cybersecurity measures. We bridge the gap between the guidance and leading cyber risk management practice. Our philosophy is that "you should not be online; if you cannot manage cyber risk".
ISO27032.com follows a principle of "informed vendor neutrality". We work with leading cyber service providers; however, our recommendations are independent. They will always be independent.