I note that within the new ISO 27002 Code of Practice, there are no controls for cyber security. With this in mind, would the mitigation of cyber security be addressed with network architecture kept under review and implemented, use of IDS/IPS with their configuration kept up to date for access requirements, firewalls maintained correctly, policies & procedures and maintaining a proactive posture?
I have downloaded a copy of your book 9 Steps to Cybersecurity - excellent reading.
This is correct: cyber security is not explicitly mentioned in ISO 27001 or ISO 27002. And you are correct, the IT controls you mentioned should be used to protect your information systems from cyber threats. However, as I mentioned in my book 9 Steps to Cybersecurity, IT security is not going to be enough - other organizational controls, as well as human resources management controls (e.g., training & awareness), are also needed.