Threat Intelligence: Protecting your Data and Information
This topic is relevant to clause 5.7 of the ISO 27002:2022 standard, which feeds into the Annex A of the ISO 27001:2022 Information Security, Cybersecurity and Privacy Protection - Information Security Management System Requirements Standard.
We live in a world where the importance of protecting data and information has never been more relevant.
Cyber threats are constantly evolving, making it challenging for individuals and organisations to keep up with the latest trends and protect themselves.
In this blog, we will explore existing and emerging threats relating to data and information, and provide insights into how to make informed actions to prevent these threats.
Existing Threats
Existing threats to data and information are numerous and have been around for a while. Here are some of the most common ones:
Emerging Threats
As technology advances, so does the tactics used by cybercriminals.
Here are some emerging threats to be aware of:
How to Make Informed Actions to Prevent Threats
To protect against existing and emerging threats, organisations should implement a threat intelligence program. Threat intelligence can be divided into three layers: tactical threat intelligence, operational threat intelligence, and strategic threat intelligence as stated in the ISO 27002 code of practice for information security controls.
In addition to implementing a threat intelligence program, organisations should also:
Conclusion
Protecting data and information has become a critical concern for individuals and organisations. Cyber threats are constantly evolving, making it important to stay informed about existing and emerging threats.
By implementing a threat intelligence program and following best practices for cybersecurity, organisations can reduce their risk of falling victim to cyber attacks.
ISO 27001 is a great platform for providing a framework for ensuring information security, considering the threats, responding to risks and recognising the importance of relevant security controls.
Daniel Pemberton
MD - Cardan Business Services Ltd
All Rights Reserved | Cardan Compliance Services.