High Table Logo - ISO 27001
HT Fav Icon

ISO27001:2022 FAQ

What is ISO 27001?
What is ISO 27001 Certification?
How much does ISO 27001 Cost?
What are ISO 27001 Policies?
What are ISO 27001 Documents?

Home / ISO 27001 Glossary of Terms / Information Security 

Information Security 

13/09/2025

Author: Stuart Barker | ISO 27001 Expert and Thought Leader

Information Security Definition - ISO 27001 Glossary

Information security is about keeping data and information safe. It protects information from being accessed, used, changed, or destroyed without permission. Think of it as putting a lock on your digital and physical files to keep them private and correct.

Examples

  • Protecting your password: When you create a strong password and don’t share it, you’re practicing information security. This prevents others from getting into your accounts.
  • Shredding old documents: Tearing up or shredding papers with personal info, like bank statements, stops people from stealing your identity.
  • Using antivirus software: Antivirus programs on your computer help keep viruses away. This is a form of information security that protects your data from being harmed.

Context

In a world full of computers and the internet, keeping information safe is super important. Businesses and people alike need to protect their personal details, financial records, and other private data. This is why things like secure websites (the ones with “https://” at the start), firewalls, and encryption exist. They are all tools used for information security.

Relevant ISO 27001 Controls

The ISO 27001 standard is a set of rules for managing information security.

ISO27001:2022 Reference Guide

ISO 27001:2022 Annex A Controls Reference Guide

Stuart Barker, ISO 27001 expert

Stuart Barker
ISO 27001 Expert and Thought Leader

Book a Call
ISO 27001 Toolkit Business Edition
ISO 27001:2022 Jumpstart Kit
ISO 27001:2022 Toolkit: Business Edition
ISO 27001:2022 Toolkit: Consultant Edition
Stuart Barker, ISO 27001 expert

About the author

Stuart Barker is an information security practitioner of over 30 years. He holds an MSc in Software and Systems Security and an undergraduate degree in Software Engineering. He is an ISO 27001 expert and thought leader holding both ISO 27001 Lead Implementer and ISO 27001 Lead Auditor qualifications. In 2010 he started his first cyber security consulting business that he sold in 2018. He worked for over a decade for GE, leading a data governance team across Europe and since then has gone on to deliver hundreds of client engagements and audits.

He regularly mentors and trains professionals on information security and runs a successful ISO 27001 YouTube channel where he shows people how they can implement ISO 27001 themselves. He is passionate that knowledge should not be hoarded and brought to market the first of its kind online ISO 27001 store for all the tools and templates people need when they want to do it themselves.

In his personal life he is an active and a hobbyist kickboxer.

His specialisms are ISO 27001 and SOC 2 and his niche is start up and early stage business.