20 May 2023 - UNN obtained the ISO/IEC 27001:2022 certification for implementing an effective information security management system (ISMS) and improving its cyber security posture in March 2023 after completing a rigorous process that included training employees internally from all departments, conducting risk assessments, treating identified medium and high risk, carrying out internal audit exercises where results were compiled and reviewed by management before an external audit was conducted by British Standards Institution (BSi).
ISO/IEC 27001:2022 is an international standard that outlines specifications of ISMS to address information security that includes people, processes, and technology. This certification protects the confidentiality, integrity, and availability (CIA) of an organization’s data and information assets and systems. It is one of the most globally recognized certifications that is in line with security standards from BSi.
UNN has continuously contributed towards ICT adoption for the nation in line with Brunei Vision 2035 and has invested in key initiatives and undertook programs to build and modernise its network infrastructure and IT operations. The rapid increase of traffic on the network made it clear that it is vital for the network infrastructure and data centre to be able to accommodate higher speed and capacity for the nation to experience a resilience network.
The launch of UNN cloud hosting service as part of its Infrastructure-as-a-Service (IaaS) portfolio in December 2021 and its Distributed Denial of Service (DDoS) in February 2022 are parts of its curated approaches to protect organisations and their businesses from malicious threats and cyberattacks, ensuring their data and service are managed locally, residing in geographically redundant and secure UNN Data Centre facilities and remains uninterrupted as the number of people going online increased.
In order to maintain the network’s resilience and protect UNN Data Centre facilities, it is necessary for UNN to be ISO/IEC 27001:2022 certified for the implementation of an effective ISMS framework and improvements of its cyber security posture.
This certification gives verification that UNN’s ISMS has the right processes and procedures which are in line with the international standards on information security. It is UNN’s top priority to secure all types of information and data provided by UNN’s stakeholders, clients, employees, partners, regulatory agencies, suppliers, and communities from unauthorized access, disclosures, modification, and eradication.
Receiving the certification can be a differentiator, demonstrating UNN’s commitment to information security and providing a competitive edge in the marketplace. Many regulations and standards require UNN to implement information security controls therefore this certification will help UNN to demonstrate compliance to these requirements.
As the ISO/IEC 27001 certification implies an annual recertification with a full set of criteria to be audited, UNN has established this as a continuous process within the organization, which will support UNN’s strategic focus to be a trusted partner for ICT services and digitalization, with efficiency gains, cost savings and improved operations.
While implementing ISO/IEC 27001 can be challenging, the benefits of a well-implemented ISMS can improve an organisation’s security posture, reduce risk of data breachers, and enhance customer confidence. Overall, with the certification, UNN demonstrates its commitment to information security and regulatory compliance, setting itself apart as a leading institution in Brunei Darussalam.back