Information Security Forum
 |
|
| Industry | information security best practice research |
|---|---|
| Founded | London, United Kingdom (1989) |
| Website | SecurityForum.org |
The Information Security Forum (ISF) is an independent, not-for-profit organisation with a Membership comprising many of the world’s leading organisations featured on the Fortune 500 and Forbes 2000 lists. The ISF are dedicated to investigating, clarifying and resolving key issues in information security and risk management, by developing best practice methodologies, processes and solutions that meet the business needs of Members.
Founded in 1989, the ISF provides Members with a trusted and confidential environment within which their in-depth knowledge and practical experience can be shared. These forums include the ISF member website (ISF Live), Regional Chapter Meetings and Solution Development Workshops. This approach enables the ISF to harness the collective insights and knowledge of its Members to deliver leading-edge solutions that are comprehensive, pragmatic and effective. By working together, Members avoid the major expenditure required to reach the same goals on their own.
The ISF has developed a model that shows how to address – via ISF Research, Knowledge Exchange and Tools & Methodologies – the fundamental elements of an information security programme. The ISF provide insights, best practice standards and tools which address every aspect of the model to aid organisations in enhancing their information risk environment, including organisations in their supply chain.
Consultancy Services from the ISF further provide Members and Non-Members with the opportunity to purchase short-term, professional support activities to supplement the implementation of ISF products including the ISF Protection Process and other resources in the ISF series.
The ISF delivers a range of content, activities, and tools. The ISF is a paid membership organisation: all its products and services are included in the membership fee. From time to time, the ISF makes research documents and other papers available to non-members.
The ISF released the updatedStandard of Good Practice for Information Security in 2016. The Standard is available to ISF members and non-members, who can purchase copies of the report. The 2016 Standard represents an update on the 2014 release of the Standard, and builds upon the previous release to include the most up-to-date controls, approaches and thought leadership in information security.
The standard is a business-focused, practical and comprehensive guide available for identifying and managing information security risks in organizations.
The 2016 standard covers current information security 'hot topics' such as Threat Intelligence, Cyber Attack Protection and Industrial Control Systems, as well as, significant enhancement of existing topics including: Information Risk Assessment, Security Architecture and Enterprise Mobility Management. It can be used to build a comprehensive and effective information security management system. In addition to covering information security-related standards such as COBIT 5 for Information Security, SANS Top 20 Critical Security Controls for Effective Cyber Defense, the 2016 standard covers ISO/IEC 27002:2013 as well as PCI DSS 3.1 and the NIST cyber security framework.
...
Wikipedia