ISO 27001 is an Information Security Management system, which enables a company to demonstrate their compliance with internationally recognized standards by putting in place controls and processes that protect data from malicious intent.
GDPR (General Data Protection Regulation) is a new EU directive due for implementation by May 2018 for all businesses in the EU to align there data security practices. This includes dealing with non-EU countries where EU data is hosted, as they need to have the same security in place. Brexit could pose a problem for firms that host EU data and may force UK providers of Cloud services to relocate to the EU if they have not complied to the standard. ISO27001 is an international best practice standard for securing data to enable people, technology and processes to mitigate the threat of cyber-crime. An accredited certification body reviews individual ISMS to ensure conformity to the standard. Businesses need protection from these threats and trained personnel in the field will be required to allow companies to work effectively in an environment that is continually changing.