Launch of BS 10010:2017, Information classification, marking and handling

On 5 April 2017 BSI launched the new standard BS 10010:2017, Information classification, marking and handling at CGI in London. The standard has been a collaborative process and this was reflected in the event with speakers from CGI and BSI talking about the importance and value of organizations creating and embedding Information Classification, Marking and Handling (ICMH).

Dr. Andrew Rogoyski, Vice President Cyber Security Services at CGI explained the two cyber security issues which led to the creation of the standards; identification of data and culture change within organizations. With this in mind the standard is simple, readable, can be easily implemented without automation and can be used by organizations of all sizes. ICMH requires all sensitive information to be classified and involves everyone in an organization, making sharing between organizations safer. It promotes a lifecycle approach to information and encourages archiving as well as destruction.

Security Awareness Special Interest Group (SASIG) founder Martin Smith spoke at the event about how most current systems of data classification are unfocused and unworkable. He said that a competent ICMH should help organizations to develop processes that can determine what information needs protection and how to best provide that protection in a clear and manageable way. The new standard should help organizations to achieve this by empowering employees to handle information in the best way possible.

For more about BS 10010:2017 please click here.