White & Case Obtains ISO 27001 Recertification in Information Security Management
2 min read
Global law firm White & Case LLP announced today that it has been awarded recertification under the prestigious ISO/IEC 27001 standard, the world's highest accreditation for information protection and security.
Awarded to firms whose business processes conform to strict international standards, the ISO/IEC 27001 accreditation is the only auditable international benchmark for information security management.
The Firm's ISO program was also assessed to be in alignment with the rigorous National Institute of Standards and Technology (NIST) 800-53 standard, as well as with the cybersecurity practices recommended by the Financial Industry Regulatory Authority (FINRA). White & Case has consistently achieved ISO certification since February 2011.
"Our clients require that we ensure their information is secure and that we take every reasonable precaution to keep it that way," said Tony Cordeiro, White & Case Chief Information Officer. "Our longstanding adherence to the ISO 27001 framework and measurement against additional benchmarks, including those set out by NIST, FINRA and the Association of Corporate Counsel, allows us to demonstrate our commitment to these standards and continually improve and strengthen our cyber defense capabilities. By doing so, our Firm is well-positioned to properly protect our clients' confidential information against cyberattacks from both known and emerging threats."
Developed by the International Organization for Standardization, ISO/IEC 27001 is a globally recognized information security management system standard that requires adherence to controls governing information security policies; organization of information security; human resource security; asset management; access control; cryptography; physical and environmental security; operations security; communications security; system acquisition; development and maintenance; supplier relationships; information security incident management; information security aspects of business continuity management; and compliance.
To obtain recertification, White & Case underwent a comprehensive set of internal and external reviews to ensure its IT systems met the requirements of ISO/IEC 27001. The process was audited by the Professional Evaluation and Certification Board, a leading global provider of training, examination, audit and certification services.
For more information, please speak to your local media contact.