Cyber Security Policy

Answer: To ensure a better alignment between Information security and cyber security practices it is better to consider the Cyber Security Policy as a section of your Information Security Policy. Regarding which points you should consider, a good reference is the ISO 27032 standard, which provides guidelines for cyber security. In terms of policies you should consider the following topics:
- Guidelines to be followed when you are an information providing organization and when you are an information receiving organization
- Classification and categorization of information
- Information minimization
- Limited audience
- Coordination protocol

These articles will provide you further explanation about cyber security and ISO 27001:
- What is cybersecurity and how can ISO 27001 help? https://advisera.com/27001academy/blog/2011/10/25/what-is-cybersecurity-and-how-can-iso-27001-help/
- ISO 27001 vs. ISO 27032 cybersecurity standard https://advisera.com/27001academy/blog/2015/08/25/iso-27001-vs-iso-27032-cybersecurity-standard/

These materials will also help you regarding cyber security and ISO 27001:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- 9 Steps to Cybersecurity: The Manager’s Information Security Strategy Manual https://advisera.com/books/9-steps-to-cybersecurity-managers-information-security-manual/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/