• Home
• About us
• Introductions
• Concepts
• Standards
• Regulatory
• Framework
• Resources
• Downloads

• Our Objective
• Steve Wright Profile
• Taxomony
• Resource Centre
• Academic
• Affiliates

About Us

Information Security (InfoSec) is far more complex and broad than just IT, InfoSec interweaves in and out of an entire organisation and its processes. It spans and affects every part of the organisation (and trusted third parties). It can change the way an entire organisation, division, department functions; or can change the way an entire business operates.

InfoSec provides assurance to both stakeholders and shareholders, and if implemented correctly – should add value to the bottom line.

Why do we need Information Security?

• The Identity Theft Resource Centre reports large increases in security breaches in the USA from 2006 to 2007 (79 million credit card records compromised in 2007 compared to 20 million in 2006);
• The International Automobile Federation, has fined the McLaren Forumla-1 team a record $100 million after one of its engineers was found with data belonging to a rival team.
• In 2007 25 million child benefit records of personal information and bank details were lost in the post by the UK Home Office
• In 2007 45 million records were compromised in a single breach at TJX Companies (the parent company of UK retailer TK Maxx); and
• Nationwide was fined £1million by the FSA in February 2007 for a lost laptop.  According to the FSA, Nationwide was guilty of failing to have effective systems and controls in place to manage its information security risks.

We hope this website is useful and is used as intended – a simple reference point where we in the industry can share our information wealth.

Upon completion of the web site tour, you should come away with a reasonable level of knowledge, or if you have any further questions surrounding:

• Consultancy
• Training
• Contracting
• Project Management
• Knowledge share
• Networking

Then please email me and I shall point you in the right direction.

We can not offer an answer to all your enquiries, but we can offer an opinion on any of the areas contained within this website, and if we don’t have the appropriate information, we are connected to a wide network of other similar professionals who can offer professional services on:

• Information Security Advice
• IT Security
• Risk Assessment & Methodology
• Information Assurance
• Compliance & Governance framework
• Audit and review cycle