Information relating to information security threats should be collected and analysed to produce threat intelligence.
Threat intelligence is one of the new controls added in ISO 27002. The purpose of this control is to help the organisation collect and analyse both internal and external threats on strategic, operational, and tactical levels to prevent the occurrence of information security incidents in the current and future.
Threat intelligence could be an intimidating experience for some organisations. Reasonably, it isn't straightforward and requires both human and equipment resources and a continuous effort. Nonetheless, once the organisation establishes its stage, it turns out to be one of the most beneficial and supporting practices for the organisation. While establishing a threat intelligence program within the organisation, it is vital to keep in mind that the program should help to facilitate informed action to reduce or prevent threats from causing harm to the organisation. Dividing threat intelligence into three layers, strategic, operational, and tactical, is recommended. Strategic threat intelligence focuses on comprehending areas such as types of attackers, types of attacks, and so forth. Operational intelligence should chiefly focus on details regarding the specific attack, including technical indicators, significant sources of attack, etc. Finally, the focus of tactical intelligence should be to contemplate the methods of attacks, tools, and technologies involved. While practicing threat intelligence, it is essential to remember that gathering information should be relevant, insightful, contextual, and actionable. During threat intelligence practices, an organisation might suddenly find itself going too far away from the intended objective and become offensive or collect and analyse irrelevant data that might not impact the organisation, resulting in a waste of resources and time.
AvISO will be updating and reviewing all the information regularly, so keep us bookmarked and keep checking!
Got a question or need help? Don't hesitate to reach out to our team.
If you would like to know more about ISO Standards, Certification and the value of a good management system you can add to your business we would love to hear from you: Kent: 01892 800476 | London: 02037 458 476 | info@avisoconsultancy.co.uk