Today, Privatklinik Wyss has an Information Security Management System (ISMS) in place as well as a comprehensive security concept at hand – both tailored to their needs and aligned with ISO standard 27001.
The concept not only serves as proof that Privatklinik Wyss meets the requirements of cantonal authorities, but also allows for effective information security measures. It will serve as a reference going forward, providing formal descriptions that Privatklinik Wyss can use to apply for ISO 27001 if desired.
On a purely technical level, the organization can now rely on a configuration management database (CMDB) serving as a solid foundation that lists all of their applications, including their current status.
Plus, to raise their awareness of information and cybersecurity, employees were shown in a live hacking session how a phishing attack works – from reception of the e-mail, data encryption, and ransom payment to data decryption.