New Sun Road Gets ISO 27001 Certification:
A Commitment to Cybersecurity Excellence
New Sun Road has achieved a significant milestone on its path to cybersecurity excellence: ISO 27001 certification. Our journey towards this prestigious certification was a comprehensive and collaborative effort, involving multiple teams, strategic partnerships, and a dedication to continual improvement.
Employee Training: A Foundation of Security Awareness
Recognizing that our team members are the frontline of defense against cybersecurity threats, we initiated a comprehensive training program, which covered topics ranging from phishing awareness to data protection best practices. By equipping our employees with the knowledge and tools to identify and respond to potential security risks, we strengthened our overall security.
Microsoft Azure: A Pillar of our Cybersecurity Strategy
New Sun Road relies on Microsoft Azure as a trusted partner in delivering secure and scalable solutions to our customers. Azure’s comprehensive security features have been instrumental in fortifying our cloud-based operations. With Azure, we benefit from a robust set of security controls, threat detection capabilities, and compliance certifications that align with ISO 27001 requirements.
Secureframe: A Vital Partner in Certification
To kickstart our ISO 27001 certification journey, we enlisted the support of Secureframe, a leading platform designed to streamline and simplify the compliance process. Secureframe played a crucial role in facilitated document management, automated evidence collection, and simplified audit readiness.
Policy Development: Setting the Standard
We updated our policies and procedures to ensure that security is ingrained in every aspect of our operations. Our policy framework covers data protection, access controls, incident response, and much more, serving as a guide to maintain a secure environment.
Tabletop Exercises: Preparing for the Unexpected
New Sun Road recognizes that cybersecurity incidents can happen despite best efforts. We conducted tabletop exercises around business continuity and incident response planning. These annual exercises simulate various scenarios and practice our response strategies, ensuring that our teams are ready to act swiftly and effectively in the face of adversity.
Risk Assessment: Identifying and Mitigating Risks
We engaged in a comprehensive risk assessment process to identify potential vulnerabilities and threats. This allowed us to prioritize our security efforts and implement measures to mitigate risks effectively.
Security Objectives and KPIs: Measuring Success
With clear security objectives and establishing Key Performance Indicators (KPIs), we can measure the effectiveness of our cybersecurity efforts and monitoring our progress to continually improve our security posture.
Strategic Partnerships: The Collaborative Edge
In 2022, we partnered with PG&E’s cybersecurity team to identify risk areas and mitigation strategies. While security is baked into our product offerings, this was the first time we worked closely with a utility to ensure that they were comfortable with our cybersecurity frameworks and approach.
A Unified Effort: The New Sun Road Team
Our ISO 27001 certification initiative brought together members from software and hardware engineering, operations, HR, and accounting all collaborating in our commitment to security as a collective responsibility.
The ISO 27001 certification marks a significant milestone to meeting the highest standards of information security and providing our customers with the utmost confidence in our products and services. We extend our gratitude to all those who contributed to this success, and we look forward to the challenges and opportunities that lie ahead in the ever-evolving landscape of cybersecurity.