Chapter 6. Information Risk in Large Organizations

Executive summary

The information security risks and regulatory pressures faced by larger organizations are in a different league from those faced by smaller ones. Both the threats and the vulnerabilities are significantly different and, as a result, larger organizations suffer more security incidents than the average: ISBS 2004, for instance, reported that 94% of large companies had experienced an information security breach, compared to an overall rate of 74%.

Threats to larger organizations

The threats, both external and internal, are more significant, and this reflects the perceived depth, quantity and value of the larger organization’s information assets, its reputation and profile, and the number ...
