This real-estate giant hit a wall – ISO Certification knocked it down.

Cushman and Wakefield come from humble beginnings. What started 100 years ago as a small business in New York now operates across 400 offices in 70 countries. Even though they’re the second largest property group in the world, they’re still hungry for growth.

I sat down with Operations Risk and Compliance Manager, James Logan who explained why an ISO 27001 certification was important for their business, and how it enabled them to continue growing in the Australian market when they hit roadblocks to growth.

What is ISO 27001?

ISO 27001 is an international standard for managing information security. It provides a framework to identify, manage, and reduce risks to sensitive data by implementing an Information Security Management System (ISMS). By addressing cyber risks like data breaches, phishing, or malware attacks, ISO 27001 helps organisations safeguard confidential information, comply with regulations, and boost stakeholder confidence. It promotes a proactive approach to security, minimising vulnerabilities and ensuring business continuity.

Their journey to certification

Cushman and Wakefield started operations in Australia in 2011, and since then have taken the industry by storm, with their clients being some of the biggest financial institutions in the country. James explained that despite their upstanding reputation, they still had to become certified to win more business.

“The need for certification stemmed from two contracts that we were awarded nationally by major Australian banks, but we couldn’t do any real work for them until we were certified in ISO 27001. That’s when it became a real need.”

Even with all the right processes in place, certification was still needed. 

James was very open about the fact that Cushman and Wakefield have long upheld robust security standards, and they had even implemented some of the guidelines of the ISO 27001 standard before making it official.

“We already upheld the rigorous standards of ISO 27001, so our day-to-day operations haven’t changed much. We were ISO aligned before we were certified.”

But being ‘ISO aligned’ wasn’t enough, as James explained above. Even a giant and well-known company with a great reputation, such as Cushman and Wakefield, needed to obtain certification to work in the finance sector. It might seem excessive to some, but when you think about the current state of cyber breaches and cybercrimes, it’s completely understandable. With cyber-attacks happening every 36 seconds, there’s no questioning the need for tight security measures. James believes that sooner or later, Certification will become a requirement for any business working with financial institutions.

“ I 100 per cent believe this will become the baseline for any business that does work for financial institutions. I think it’ll get to the point where if you’re already on their panels or doing work for them, you won’t be able to continue that work unless you’re certified. I’d say if you want to experience growth in the following years, now’s the time to get ahead of the curve and get certified.”

Certification doesn’t make you bulletproof

It’s important to note that while certification is able to protect against risks, it doesn’t mean you’re bulletproof. It’s not set and forget by any means. And James understands that.

“Just because you have the certification doesn’t mean that you’re bulletproof. It’s an ongoing process, and you need to have that mindset of continuous improvement. The hackers and criminals are getting smarter and more sophisticated. So, we have to improve our systems and policies to ensure that our customers’ data is safe.”

That’s the key strength of Certification. It pushes you to be consistent and up to date, as the criminals get smarter, so does your system. This allows your business to grow in more ways than one.

Working with Citation Certification

When asked how his experience working with Citation certification was, he gave a glowing review.

“The auditor that was assigned to us was fantastic. He explained what was expected and required before the audit commenced. And even during the audit process, when things were being identified or uncovered, we could work quite dynamically. He was really accommodating and professional, and really quite pragmatic in the recommendations for improvement, which we’ve taken on board.”

What’s next for Cushman and Wakefield?

Before this certification, James had no experience with certification, now he feels prepared to take on the future, and even more certifications. According to James, they’ve got the certification bug, and they’re not slowing down anytime soon.

“Not having a background in it, at first, the process was daunting. Now that I’ve done it, I’m quite glad I’ve learned more about it.”

“Noral Wild – our CEO, is fully invested in certification; she’s considering rolling it out for the entire Australian and New Zealand business. She’s focused on continuous improvement and making sure our customers’ data is secure.”

How can businesses prepare for the future?

ISO 27001 certification provides businesses with a clear framework to manage information security and adapt to evolving threats. No matter the industry, certification positions your business to easily meet potential future mandates. By embedding robust security measures and a framework for continuous improvement, businesses remain adaptive to change and well-prepared for industry developments.

Certification grows with your company

ISO 27001 certification provides a flexible framework that evolves with a business as it grows. Its scalability ensures security systems can handle increased operational complexity, whether entering new markets, managing larger data volumes, or integrating new technology. This adaptability makes ISO 27001 a practical, long-term investment in securing sustained growth and operational resilience. With Citation Certification by your side, the process is easy and stress-free. Contact us today to discuss your certification journey.

About our author

Georgia Theocharous is a Copywriter and Content Specialist for Citation Group. She is responsible for crafting content across multiple channels such as blogs, social media, landing pages and email campaigns. In her spare time, you can find her jamming to her favourite music.

Cushman and Wakefield

Cushman & Wakefield is a full-service global commercial real estate company with over 100 years of experience, 52,000 professionals, and 400 offices worldwide. They’re driven to solve complex problems, and they have the expertise and experience to bring solutions to life.