AXS Guard proudly announces its successful achievement of ISO 27001 certification for information security.
This significant milestone reinforces the company's unwavering commitment to excellence in quality and the highest standards of information security. It reaffirms AXS Guard's dedication to protecting employee and customer data, as well as critical infrastructures that support business-essential processes.
What is ISO 27001?
ISO 27001 is a globally recognized standard in the field of information security. By obtaining ISO 27001 certification, an organization demonstrates its compliance with all information security requirements.
"This is a significant milestone for AXS Guard, and we are immensely proud of this achievement," states Alex Ongena, CEO of AXS Guard. "It validates our commitment to ensuring the confidentiality, integrity, and availability of data. This certification underscores our dedication to excellence and confirms AXS Guard as a trusted partner in IT security."
For AXS Guard, obtaining this certificate not only signifies the implementation of a robust information security management system (ISMS) but also paves the way for compliance with industry regulations and standards, such as the GDPR and NIS 2.
Moreover, ISO 27001 mandates companies to implement a systematic process for identifying, assessing, and managing risks. This enhances risk management practices and minimizes the likelihood of security incidents.
As such, AXS Guard naturally aims to ensure the continuity of its business operations, even in the face of disruptions like cyberattacks or other security incidents.
How does this benefit AXS Guard partners and customers?
Alex Ongena explains the significance for their partner organizations: “We provide partners and customers with every reason to trust us and our business operations. By knowing that we meet stringent security requirements, they can mitigate their own supply chain risks, more easily comply with regulations, and gain a competitive advantage.”
How are ISO 27001, GDPR, and NIS 2 related?
While obtaining an ISO 27001 certificate is not mandatory, European organizations are required to adhere to the GDPR and NIS 2 directives.
All European organizations must comply with the Global Data Protection Regulation (GDPR). The GDPR aims to strengthen privacy and protect personal data, focusing on the individual privacy rights of European Union citizens.
The NIS 2 directive was designed to enhance the security and resilience of network and information systems across the European Union. It establishes mandatory minimum cybersecurity standards for essential organizations and fosters cooperation among Member States for a coordinated approach to cyber threats.
However, not all European organizations are subject to NIS 2 compliance.
NIS 2 and ISO 27001 share the common goal of increasing cyber resilience. While NIS 2 imposes legal obligations without specifying implementation details, ISO 27001 provides a structured framework for implementation. By including all processes, products, and services of the entire company, including subsidiaries, within the "Scope of Applicability" of your ISO 27001 certification and obtaining certification from a recognized Conformity Assessment Body (CAB), you can meet the requirements of the Belgian regulator and obtain a "NIS 2 Conformity Attestation" certificate.
CyFun: the path to NIS 2 alongside ISO 27001.
Belgium is leading the European Union in establishing a system where companies can gain legal certainty regarding NIS 2 compliance. They offer two pathways: CyFun or a strict ISO 27001 approach.
The Centre for Cybersecurity Belgium (CCB) developed the Cyber Fundamentals Framework (CyFun). It is a standardized approach to comply with NIS 2.
CyFun comprises a set of concrete measures based on and linked to four commonly used cybersecurity standards:
- NIST Cybersecurity Framework
- ISO 27001/27002
- CIS Controls
- IEC 62443.
A CyberFundamentals Toolbox is available, containing resources to assist in compliance with the CyberFundamentals Framework. Achieving the standard qualifies organizations for the CyberFundamentals Label.
With this label, organizations, their partners, and customers can be assured of NIS 2 compliance.
Alternatively, ISO 27001 certification can pave the way for NIS 2 compliance
It should be noted that the government imposes strict requirements:
- The Declaration of Applicability (SoA) encompasses the entire company, including all its branches.
- The ISO certificate must be issued by a Conformity Assessment Body (CAB) recognized by the CCB.
The number of recognized CABs is currently limited, though the list is expected to grow soon, according to Johan Klykens, Director Competent Authority on Cybersecurity Certification at the CCB.
AXS Guard Strengthens Cyber Resilience Initiatives
Able bv (AXS Guard) has earned certification from the International Accreditation Service (IAS), one of the world’s largest recognized Conformity Assessment Bodies (CAB). IAS is expected to be added to the official list of recognized entities soon.
Alex Ongena emphasizes the importance of these standards and certifications: "AXS Guard remains committed to maintaining excellent cyber hygiene. Our goal is not just to meet but to exceed these standards, with NIS 2 compliance being the strongest testament to this commitment."
AXS Guard has also obtained ISO 27001 certification with the most comprehensive Statement of Applicability (SoA), allowing it to confidently assert official NIS 2 compliance.
New milestone: AXS Guard achieves ISO 27001 Certification