Great video. Just about to implement it and this has reinforced my strategy on how to get this done.
@StuartBarker 11 months ago
Great to hear! I do weekly (ish) free group Q and A sessions too … link on website.
@Babyology101 6 months ago
Super helpful! Do you have a threat intelligence log/spreadsheet template you can share?
@StuartBarker 6 months ago
@babyology101 - yes, hightable.io/product/iso27001-threat-intelligence-process-template/ This should help.
@MicheleGarampi 10 months ago
Hi Stuart, great video and thanks for the great advice. I'm working on this control and I'm stuck. My company is small and I have difficulty identifying who is responsible for threat intelligence. It is possible to consider the person responsible for the management system as threat intelligence overall responsible, including analysis and reporting. Thank you
@StuartBarker 10 months ago
Thanks for the feedback. Remember I hold a free weekly Q and A so you can speak to me - hightable.io/free-iso-27001-certification-consultancy/ The answer will depend a bit on your context but there are a couple of roles involved here. I would allocate responsibility to the most senior role that makes sense. Is there a CISO? Or *shudders* a CTO? Maybe it sits with incident management. I would need to know more about you and size and context to give more guidance but as I say, free weekly Q and A so we can chat in person to help more. Your suggestion of person responsible for management system without context is also valid and sensible and you won't fail the audit doing it for sure.
@JossOrtan 5 months ago
Great breakdown on implementing ISO 27001 Annex A 5.7 for threat intelligence! What are some common pitfalls to avoid during the audit?
@StuartBarker 4 months ago
Thank you - I cover what you need in the blog that goes with the video - it is here for reference - hightable.io/iso-27001-annex-a-5-7-threat-intelligence/ 🙏
@picachufairy 10 months ago
Threat intel is a lifecycle of taking raw data, processing it and analyzing to create actionable information to share with stakeholders. One analyst or a whole team, it's more than feeds and articles. It's so hard to get people past seeing intel as IOC feeds. Any advice to help people understand when they refuse to see intel outside of IOCs?
@StuartBarker 10 months ago
I hear you. For me that is why I have roles and responsibilities in the process. As you will know, the feeds and data need some level of expert interpretation. Usually multiple people, teams and expertise. The feed is useless on its own. You need to know you and what you have, your risk appetite, your controls etc to assess the data in context and then transform it into both simple communicable information and then more technical actionable information. To be fair, some people just want to tick a box and have the feeds and some people want a full SOC and somewhere in the middle is where I think most 'should' land. What are your thoughts? I do have weekly Q and A sessions if you want to talk over - Tuesdays at 9am GMT - links on site. Thanks for watching and commenting.
@ytsearchengine 11 months ago
Sir, thank you. Your hairline is good. How has it not shrunk? I am curious to know.
@StuartBarker 11 months ago
Not bad for 50? I am currently growing it out so that come the summer I will have a 'man bun'.