ISO issues interorganizational communication security standards

ISO/IEC 27010:2012 provides controls and guidance specifically relating to initiating, implementing, maintaining, and improving information security in interorganizational and intersector communications.

The standard is applicable to all forms of exchange and sharing of sensitive information, both public and private, nationally and internationally, within the same industry or market sector or between sectors, ISO said.

In particular, it is applicable to information and data exchanges related to the provision, maintenance and protection of an organization's or nation-state's critical infrastructure.

Following the guidelines in the standard will enable organizations to ensure their sensitive information, which sometimes needs to be shared with other organizations, is protected from unauthorized access, the organization explained.

The guidance on methods, models, processes, policies and controls will help professionals understand the principles of sharing information securely with trusted counterparties, ISO noted.

ISO/IEC 27010:2012 is fully aligned with the ISO 27000 family of information security standards.
 
