Content and scope of External Threat Monitoring
Assign topic to the user
1 - At present, the most immediate question I have is this – what is the content and scope of External Threat Monitoring?
I’m assuming you are referring to the Security Procedures for IT Department template.
Considering that, the definition of what to monitor (content) from which assets (scope) related to external threats will depend on the results of risk assessment and applicable legal requirements. The relevant risks and elements defined in laws, regulations, and contracts you need to fulfill will point out which assets you need to monitor, and which threats you are most exposed to.
For example, in case you have relevant risks related to zero days vulnerabilities related to operating systems, you may need to include monitoring of related manufacturers. Also, in case you have a contractual clause related to ensuring data availability in the supply chain, you may need to monitor the situation of your suppliers.
2 - Would it be adequate to comply with US’ FISMA Act 2002 (it is a US Act but is adopted worldwide as a best practice), and, as part of FIMA compliance, should we adopt NIST’s standards, namely, FIPS 199, FIPS 200, and the NIST 800?
First is important to note that you only need to implement FISMA and related standards if they are required (e.g., due law or contract). In case they are not required there is no need to go for them.
Considering that, FISMA is most related to ISO 27001 clauses 4 to 10 (requirements for information security management), not to controls from Annex A (which are more related to FIPS 199, FIPS 200, and the NIST 800).
Specifically for implementing threat monitoring, NIST 800-53 has security controls that can be used to implement it, but this standard is not required to implement ISO 27001, and you only should use it if you are prepared to do some extra work.
This article will provide you with further explanation about threat monitoring:
- Detailed explanation of 11 new security controls in ISO 27001:2022 https://advisera.com/27001academy/explanation-of-11-new-iso-27001-2022-controls/
Comment as guest or Sign in
Jul 15, 2022