Why ISO27001 Certified Organizations Still Experience Data Leakage?

The increases in mobile applications, IoT, and cloud technology have recently witnessed massive data leaks, ranging from personally identifiable information to corporate secrets. Despite numerous standards and frameworks, human errors that cause information security breaches have not yet been managed. This study contributes to the ISMS literature regarding the processing and operating of an ISMS concept based on the new comprehensive measures of information security management. The study uses exploratory surveys to determine significant differences in the fifty financial institutes. The study confirmed that the primary root cause of information security incidents is the interrelationship between humans and technology. The results of this study show that the NFC principle can assist in the enhancement and ability to monitor the performance of these interconnections compared to other recognized standalone ISMS standards.