Content library
Digital security overview
77: Menettely toimintaympäristön seuraamiseen

How to fill the requirement

Digital security overview

77: Menettely toimintaympäristön seuraamiseen

Task name
Priority
Status
Theme
Policy
Other requirements
The goals of threat intelligence and the collection of information related to information security threats
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Development and cloud
Technical vulnerability management
requirements

Task is fulfilling also these other security requirements

5.7: Threat intelligence
ISO27k1 Full
77: Menettely toimintaympäristön seuraamiseen
Sec overview
Article 13: Learning and evolving
DORA
4.1: Tietojärjestelmien tietoturvallisuus
TiHL: Tietoturva
ID.RA-2: Cyber threat intelligence is received from information sharing forums and sources.
CyFun
1. Task description

Organization carries out threat intelligence by gathering information about information security threats related to its operations and how to protect against them. The goal is to increase awareness of the threat environment, so that own security level can be better evaluated and adequate control measures implemented.

When collecting threat intelligence, all three levels must be taken into account:

  • strategic threat intelligence (e.g. information on the growing types of attackers and attacks)
  • tactical threat intelligence (e.g. information about tools and technologies used in attacks)
  • operational threat intelligence (e.g. details of specific attacks)

Principles related to threat intelligence should include:

  • setting targets for threat intelligence
  • identification, verification and selection of information sources used in threat intelligence
  • gathering threat intelligence
  • data processing for analysis (e.g. translation, formatting, compression)
Sharing threat intelligence
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Development and cloud
Technical vulnerability management
requirements

Task is fulfilling also these other security requirements

5.7: Threat intelligence
ISO27k1 Full
77: Menettely toimintaympäristön seuraamiseen
Sec overview
THREAT-2: Respond to Threats and Share Threat Information
C2M2: MIL1
Article 45: Information-sharing arrangements on cyber threat information and intelligence
DORA
DE.CM-8: Vulnerability scans are performed.
CyFun
1. Task description

Organization should share threat intelligence information actively with other organizations to improve its own threat awareness.

No items found.