Esoteric awarded ISO 27001 Information Security certification following BSI evaluation

Esoteric, the specialist global counterespionage and technical surveillance countermeasures (ie electronic bug sweeping) business, has announced that, in the wake of a rigorous evaluation of its information security processes, the company has now been granted the prestigious ISO 27001 certification by the British Standards Institution (BSI).

Accreditation demonstrates Esoteric’s commitment to information security, both in terms of its own internal data and that of its clients and partner organisations who entrust the Surrey-based business with their valuable and sensitive information.

Compliance with the International Organisation for Standardisation’s (ISO) strict requirements highlights a commitment from Esoteric to adopt Best Practice and provides both clients and partners with reassurances in respect of the handling and protection of their information.

“We place the very highest priority on information security,” stated Peter Gregg, operations and compliance manager at Esoteric. “The ISO 27001 certification demonstrates our commitment to continual improvement and, importantly, confirms that our policies and practices comply with the most stringent standards.”

Information Security Management Systems

ISO/IEC 27001 Information Technology — Security Techniques — Information Security Management Systems — Requirements is the internationally recognised Best Practice standard for Information Security Management Systems (ISMS). The ISMS framework of policies and procedures includes the legal, physical and technical controls involved in information risk management and covers people, processes and technology.

The 2013 version of the standard (ie the most recent iteration) places more emphasis on measuring and evaluating how well an organisation’s ISMS is performing. Building on the 2005 version, there’s now a section on outsourcing, which directly reflects the fact that many organisations rely on third parties to provide some aspects of IT. However, it doesn’t emphasise the Plan-Do-Check-Act cycle outlined by ISO 27001:2005. More attention is paid to the organisational context of information security.

Overall, 27001:2013 is designed to fit better alongside other management standards such as ISO 9000 and ISO/IEC 20000 (the latter references IT service management) and certainly has more in common with them.

Esoteric’s managing director Emma Shaw MBA CSyP FSyI FCMI


“We recognise that information is one of a company’s most valuable assets,” remarked Emma Shaw CSyP, managing director at Esoteric. “Any risk to the integrity of that data can make or break a business. Security threats can impact a company financially, impede expansion, prevent client attraction, damage assets and, above all, impact reputation.”

When properly managed, a successful information security policy allows an organisation to operate with the utmost confidence. As Emma Shaw has stated, this is something the Esoteric team lives by and duly advocates for all of its clients.

As a business, Esoteric’s services for clients include the development of counterespionage/security strategies and policy implementation, technical surveillance countermeasures training and espionage awareness briefings, cyber espionage response and review/forensic investigations, the provision of critical information protection products (including ‘E-Room’ 24/7 monitoring sensors, mobile phone detectors and mobile phone blockers), RF attenuation and Shielded Rooms and covert investigations and surveillance.

For more than 100 years now, the BSI has absolutely led the way in the standards arena. The organisation sits among the most respected and reputable management systems certification bodies in the world and is presently accredited by around 20 local and international bodies.

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.
