International standards on information security discussed in Yerevan with OSCE help

YEREVAN, 27 April 2007 - Methods of managing information security according to internationally-recognized standards were the topic of a discussion organized by the OSCE Office in Yerevan today.

The event was part of an OSCE project to strengthen cyber security in Armenia, which aims to raise awareness among State and private institutions dealing with virtual security. It will also help in drafting national legislation currently under preparation in the country.

"Inadequate physical, organizational and logistical security procedures remain prevalent in the vast majority of cyber crime cases. These weaknesses can be resolved once a firm policy decision is reached and relevant implementation mechanisms are in place," said Carel Hofstra, Politico-Military Officer at the OSCE Office.

The main objective of the ISO 17799 standard is to provide general methodology for the elaboration, introduction and assessment of information security management systems, applicable for commercial, state and non-state structures. The standard is part of an obligation under the European Convention on Cyber Security, ratified by Armenia in 2006.

"Information today is a material resource. Our research shows that some organizations do not take information security seriously." added Tigran Brigalyan, an expert from the National Bureau of Expertise, a State institution tasked to provide recommendations on issues relating to information security. "It is essential to have in place well-defined and implemented security policies to effectively manage information security according to international standards."

The event brought together members of the OSCE-supported Task Force on Strengthening Cyber Security and Fighting Cyber Crime in Armenia, represented by the National Security Service, the Police, the National Assembly, the Prosecutor's Office, the President's Office and the Armenian National Bureau of Expertise.