ISO/IEC 27001: What’s new in IT security?

How governments and business leaders use standards to accelerate climate action
January 10, 2023
ITC and ISO strengthen ties to benefit global markets.
January 12, 2023

Cyber-attacks are costly, disruptive and a growing threat to business, governments and society alike. Here’s how to protect your assets.


To address global cybersecurity challenges and improve digital trust, a new and improved version of ISO/IEC 27001 has just been published. The world’s best-known standard on information security management helps organizations secure their information assets – vital in today’s increasingly digital world.

Cybercrime is growing ever more severe and sophisticated as hackers develop more advanced cybercrime techniques. The World Economic Forum’s Global Cybersecurity Outlook report indicates that cyber-attacks increased 125 % globally in 2021, with evidence suggesting a continued uptick through 2022. In this fast-changing landscape, leaders must take a strategic approach to cyber-risks.


“Amid the Fourth Industrial Revolution, systemic interdependence creates both downside costs of cyber-risk and holds a much greater upside value,” says Andreas Wolf, who leads the group of experts responsible for the standard. “The organizations that will lead us into the digital future are those that are not only vulnerable enough to admit they can’t do it alone, but are also confident and savvy enough to realize that it’s better for businesses to not even attempt it.”

To address these cybersecurity challenges, organizations must enhance their resilience and implement cyber threat mitigation efforts. Here’s how ISO/IEC 27001 will benefit your organization:

  • Secure information in all forms, including paper-based, cloud-based and digital data
  • Increase resilience to cyber-attacks
  • Provide a centrally managed framework that secures all information in one place
  • Ensure organization-wide protection, including against technology-based risks and other threats
  • Respond to evolving security threats
  • Reduce costs and spending on ineffective defence technology
  • Protect the integrity, confidentiality and availability of data

Organizations that adopt cyber resilience quickly emerge as leaders in their industry.

Organizations that adopt cyber resilience through confident vulnerability quickly emerge as leaders in their industry and set the standard for their ecosystem. The holistic approach of ISO/IEC 27001 means that the entire organization is covered, not just IT. People, technology and processes all benefit.

When you use ISO/IEC 27001, you demonstrate to stakeholders and customers that you are committed to managing information securely and safely. It’s a great way to promote your organization, celebrate your achievements and prove that you can be trusted.