What changed:
In 2022, ISO 27001 was updated to include 11 new controls, one of which is A.5.7, Threat Intelligence. This new control emphasises the importance of gathering and analysing information about threats, and using that information to take appropriate mitigation actions. Threat intelligence can help organisations to proactively identify and assess risks, develop effective controls, and deploy countermeasures to mitigate them.
What this means for any ISO 27001 certification renewal:
Certifications for the ISO 27001 standard will increasingly be assessed against the new 2022 edition of the standard, so organisations must be aware of these changes. For organisations currently certified against ISO 27001, all current certifications will expire on 31st October 2025, so you will need to implement the new controls within the 3 year recertification window.
Why threat intelligence is now a requirement:
From 2016 to 2023, new vulnerabilities have grown an average of 25% year on year. This year (2024), we are seeing a 42% growth in vulnerabilities so far vs. '23. Businesses are overwhelmed, and under-resourced on top of that. Some sources estimate over 3.5 million open cyber security roles globally.
Another factor to consider is the growing speed and prominence of hackers, who are opportunistically responding to new exploitable vulnerabilities 3-4 times faster than businesses, and sometimes mere hours after an exploit is disclosed.
You can see why there is a growing need for businesses to keep their fingers on the pulse to help them prioritise the right fixes at the right time. Without adequate threat intelligence, organisations are at risk of taking a far too reactive approach to managing risks, increasing their risk of falling victim to attacks that may lead to significant financial and reputational damage.
Incorporating threat intelligence into your operations enables your organisation to gain valuable insights into emerging threats, vulnerabilities, and attack techniques, and to take the necessary steps to protect its systems and data before they are attacked.
How do you implement Threat Intelligence for ISO 27001:2022?
Like any control, there's never just one way to implement it. But there are a number of key high-level objectives that you will need to consider:
Look at internal and external sources of information/intelligence
Select and vet the sources that are most suitable for your ITSM
Ensure that information is coming from multiple sources
Prepare the information from your sources for analysis
Analyse and contextualise the info for your business to understand how it is relevant to you
Communicate and share information to relevant people in your business in a way they understand it
Incorporate this process into your risk management process, ensuring the intelligence is driving action to take steps to remediate potential risks
Collect evidence of instances where action has been taken to make changes in response to threat intelligence your organisation has received.
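The objectives above describe one pipeline: pull from several sources, merge and prepare the records, contextualise them against your own environment, communicate the result, and keep evidence that action followed. The script below is an added illustration of that pipeline, not code from the article or from Cytidel. All feeds, hosts and CVE ids in it are constructed placeholders, and the priority scheme (P1 exploited in the wild, P2 public proof-of-concept, P3 high CVSS only, P4 the rest) is an assumed example policy, not a requirement of the standard.

```python
# Added example: a minimal threat-intelligence triage pipeline (constructed data).
from datetime import date

# Constructed sample feeds. The CVE ids are placeholders, not real advisories.
FEED_A = [  # hypothetical "known exploited" list, e.g. a KEV-style feed
    {"cve": "CVE-0000-0001", "exploited": True},
    {"cve": "CVE-0000-0002", "exploited": False},
]
FEED_B = [  # hypothetical trending / proof-of-concept tracker
    {"cve": "CVE-0000-0001", "poc": True},
    {"cve": "CVE-0000-0003", "poc": True},
]
SCAN = [  # constructed internal vulnerability-scan output
    {"host": "web-01", "cve": "CVE-0000-0001", "cvss": 7.5},
    {"host": "db-01", "cve": "CVE-0000-0003", "cvss": 9.8},
    {"host": "db-01", "cve": "CVE-0000-0004", "cvss": 9.1},
]


def prepare(feeds):
    """Merge several feeds into one record per CVE, remembering which sources saw it."""
    intel = {}
    for name, records in feeds.items():
        for rec in records:
            entry = intel.setdefault(
                rec["cve"], {"exploited": False, "poc": False, "sources": set()})
            entry["exploited"] = entry["exploited"] or bool(rec.get("exploited"))
            entry["poc"] = entry["poc"] or bool(rec.get("poc"))
            entry["sources"].add(name)
    return intel


def priority(entry, cvss):
    """Assumed example policy: P1 exploited, P2 public PoC, P3 CVSS >= 9.0, P4 the rest."""
    if entry and entry["exploited"]:
        return 1
    if entry and entry["poc"]:
        return 2
    return 3 if cvss >= 9.0 else 4


def contextualise(intel, scan):
    """Join the intelligence onto the organisation's own scan results and rank the findings."""
    findings = []
    for row in scan:
        entry = intel.get(row["cve"])
        findings.append({
            "host": row["host"], "cve": row["cve"], "cvss": row["cvss"],
            "priority": priority(entry, row["cvss"]),
            # "Ensure information is coming from multiple sources": flag single-source items
            "corroborated": bool(entry) and len(entry["sources"]) >= 2,
            "sources": sorted(entry["sources"]) if entry else [],
        })
    # Most urgent first; within a priority band, highest CVSS first
    return sorted(findings, key=lambda f: (f["priority"], -f["cvss"]))


def summarise(findings):
    """Plain-language lines for the people who own the affected hosts."""
    lines = []
    for f in findings:
        seen = ", ".join(f["sources"]) or "scan only"
        lines.append(f"P{f['priority']} {f['host']}: {f['cve']} (CVSS {f['cvss']}, seen in {seen})")
    return lines


def evidence(finding, action, owner, when=None):
    """Audit-trail record showing that received intelligence led to a concrete action."""
    return {"date": when or date.today().isoformat(), "cve": finding["cve"],
            "host": finding["host"], "trigger": finding["sources"],
            "action": action, "owner": owner}


if __name__ == "__main__":
    intel = prepare({"feed_a": FEED_A, "feed_b": FEED_B})
    ranked = contextualise(intel, SCAN)
    print("\n".join(summarise(ranked)))
    print(evidence(ranked[0], "patched and rebooted", "web team", "2024-01-01"))
```

The evidence records are what an auditor will ask for: each one ties a specific scan finding to the sources that raised it, the action taken and who owned it, which is the last objective in the list above.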
How Cytidel can help:
Cytidel have automated the collection and analysis of vulnerability threat intelligence, saving organisations 20+ hours a week in vulnerability research.
With over 200 sources pulled into the platform and mapped against our advanced vulnerability database, Cytidel gives you easy real-time access to:
trending vulnerabilities across news and social media
new exploits or proof-of-concepts
emerging threats not yet published to NVD
new threat campaigns
new CISA Known Exploited Vulnerabilities
Cytidel spotlight vulnerabilities along with analysis and remediation steps
map the latest intelligence against your vulnerability scans to help with ISO 27001:2022 Control 8.8, Management of Technical Vulnerabilities
Company Profile
Cytidel is a vulnerability threat intelligence platform that helps organisations stay on top of rising threats and make critical risk decisions through actionable, real-time intelligence.
Cytidel’s founders, Matt Conlon (CEO) and Conor Flannery (CTO), are vulnerability threat intelligence specialists and certified ISO 27001:2022 auditors, who have tailored the Cytidel product to assist with threat intelligence compliance.
To find out more about how Cytidel can help you with threat intelligence compliance, check out the link below.