Welcome to our Technical Topics page! 

Here you'll find information on the latest developments in project management, risk management, cybersecurity, artificial intelligence, organizational development, and the related global standards for their implementation, practice, and assessment.

Understanding ISO/IEC 27035: Building Incident Response Awareness for Businesses and Industry

This post provides a detailed introduction to ISO/IEC 27035 and its relevance to modern business. With cybersecurity increasingly under the spotlight, companies should know how to respond swiftly and effectively to threats.

In today’s digital age, cybersecurity incidents are inevitable. Whether it's a data breach, malware attack, or phishing scam, businesses must be ready to respond. ISO/IEC 27035 provides an essential framework for incident management within the broader landscape of the ISO/IEC 27000 family of standards, ensuring that businesses not only have the tools to detect and respond to cyber threats but can also minimize the impact and recover effectively.

What is ISO/IEC 27035?

ISO/IEC 27035, titled “Information security incident management”, is a multi-part standard that provides guidance on how to plan and prepare for information security incidents, detect and respond to them, and learn from past incidents to strengthen future defenses. It covers the full lifecycle of security incident management, including:

- Preparation (creating policies and setting up incident response teams),

- Detection and Reporting (systems and protocols for identifying incidents),

- Assessment (analyzing the scope and impact),

- Response (containing and resolving the threat),

- Learning (documenting the lessons learned to improve future incident handling).

How Does ISO/IEC 27035 Fit into the ISO/IEC 27000 Family?

The ISO/IEC 27000 series is a family of standards designed to help organizations manage information security risks. While ISO/IEC 27001 focuses on establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS), ISO/IEC 27035 dives specifically into incident management—a critical component of an effective ISMS.

By focusing on handling security breaches and incidents, ISO/IEC 27035 complements other standards in the family. For instance:

- ISO/IEC 27002 provides guidance on information security controls, including the controls that deal with incident management; ISO/IEC 27035 expands that guidance into a full incident management process.

- ISO/IEC 27001 lays down the framework for an ISMS, while ISO/IEC 27035 ensures that when incidents occur, the system is robust enough to manage them effectively.

Relationship with ISO 31000 (Risk Management)

ISO 31000 is an international standard for risk management. While ISO/IEC 27035 focuses on preparing for and handling incidents when they do occur, ISO 31000 provides a broader framework for identifying, evaluating, and treating risks before they materialize.

The synergy between these standards is key: ISO 31000 helps organizations identify potential risks and put controls in place, reducing the likelihood of an incident, while ISO/IEC 27035 ensures that organizations are prepared to respond effectively to those risks if they materialize.

Why ISO/IEC 27035 Matters for Business and Industry

For businesses and industries relying heavily on digital operations, a well-prepared incident response is no longer optional—it’s critical. The financial, reputational, and legal impacts of a poorly managed incident can be devastating. By implementing ISO/IEC 27035, organizations gain several benefits:

- Improved Preparedness: Proactive preparation means fewer surprises when incidents arise.

- Faster Detection: Better detection systems reduce response time, helping mitigate damage.

- Effective Response: Containing threats quickly can prevent escalation and wider impacts.

- Continuous Improvement: Learning from past incidents ensures that future risks are mitigated more effectively.

Incorporating ISO/IEC 27035 into a company's security practices ensures an integrated and responsive approach to managing security incidents, aligning with broader risk management frameworks such as ISO 31000 and ensuring compliance with the wider ISO/IEC 27000 family of standards. By doing so, businesses can protect their data, operations, and reputation in the face of growing cyber threats.

For Additional Reading:

  • ISO/IEC 27035-1:2016 - Information technology — Security techniques — Information security incident management — Part 1: Principles of incident management, and ISO/IEC 27035-2:2016 - Part 2: Guidelines to plan and prepare for incident response

   Available from the International Organization for Standardization (ISO), these parts provide detailed guidance on setting up and managing incident response processes in organizations. Both were revised in 2023 (ISO/IEC 27035-1:2023 and ISO/IEC 27035-2:2023), and ISO/IEC 27035-3:2020 covers ICT incident response operations.

  • ISO/IEC 27000 Family - Information Security Management Systems

   This page on the ISO website offers an overview of the entire 27000 family of standards, including ISO/IEC 27001 and 27035. 

   [ISO.org](https://www.iso.org/isoiec-27001-information-security.html)

  • ISO 31000:2018 - Risk Management Guidelines

   This standard provides a framework for managing risk across various domains, including information security. 

   [ISO.org](https://www.iso.org/iso-31000-risk-management.html)

  • NIST Special Publication 800-61 Rev. 2 - Computer Security Incident Handling Guide

   This publication from the National Institute of Standards and Technology (NIST) describes an incident handling lifecycle (preparation; detection and analysis; containment, eradication and recovery; post-incident activity) that maps closely onto the ISO/IEC 27035 phases, and provides additional context for incident handling in the U.S. NIST published Revision 3 in April 2025, restructured around the NIST Cybersecurity Framework 2.0; the Rev. 2 document linked below remains useful as a detailed handling guide.

   [NIST.gov](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf)

The Interplay of Artificial Intelligence, Cybersecurity, and Risk Management in Organizations

In today's digital era, where cyber threats are increasingly sophisticated and pervasive, organizations must constantly refine their strategies to protect sensitive data and maintain system integrity. The integration of Artificial Intelligence (AI) into cybersecurity practices offers significant enhancements in detecting and responding to potential threats. Furthermore, effective risk management, guided by established standards such as those from the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), is crucial for building robust security frameworks.

Artificial Intelligence in Cybersecurity

AI technologies, including machine learning (ML) and natural language processing (NLP), give cybersecurity teams tools that analyze large volumes of telemetry far faster than a human can. Trained on historical data, such systems can flag patterns and anomalies that may indicate a security threat, from malware behaviour to unusual network traffic, which an analyst reviewing raw logs might overlook.

For instance, AI-driven security systems can automate triage in the threat detection process, reducing the time it takes to identify a breach and narrowing the attacker's window of opportunity. Their detection can also improve over time as models are retrained on new data, new threats, and analyst feedback. Two caveats matter in practice: a model is only as representative as the data it was trained on, so a legitimate change in the environment can produce a flood of false positives until the baseline is relearned, and an attacker who understands the baseline can shape malicious activity to stay inside it.
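The "unusual network traffic" case above, as an added illustration that is not part of the original post or of any product it describes: the simplest form of the anomaly detection the text refers to is a per-host baseline (here a median and median absolute deviation, which a spike cannot inflate the way a mean and standard deviation can) against which each new observation is scored. The hosts, hourly outbound-connection counts, the 20-hour training window, the 3.5 threshold and the deviation floor are all constructed for the example, not real telemetry; a learned model would replace the hand-built baseline but would be judged on the same two cases, a noisy host with a burst and a quiet host whose baseline has zero spread.

```python
"""Baseline-and-deviation anomaly detection over constructed connection counts.

Added example: scores per-host hourly outbound-connection counts with a
modified z-score against a robust (median / MAD) baseline learned from the
first TRAINING_HOURS observations of each host.
"""
from statistics import median
from typing import Dict, List, Tuple

# Constructed sample input (not real telemetry): (host, hour_index, outbound_connections).
# web-01 has a noisy but stable baseline; hour 22 is a simulated exfiltration burst.
# db-02 is a quiet server with a near-constant rate; hour 23 is a simulated spike.
WEB01_BASELINE = [104, 98, 110, 121, 95, 117, 108, 99, 113, 106,
                  102, 118, 97, 109, 115, 101, 111, 96, 107, 112]
DB02_BASELINE = [10] * 20

SAMPLE_RECORDS: List[Tuple[str, int, int]] = (
    [("web-01", h, c) for h, c in enumerate(WEB01_BASELINE)]
    + [("web-01", 20, 114), ("web-01", 21, 103), ("web-01", 22, 4500), ("web-01", 23, 109)]
    + [("db-02", h, c) for h, c in enumerate(DB02_BASELINE)]
    + [("db-02", 20, 10), ("db-02", 21, 11), ("db-02", 22, 10), ("db-02", 23, 400)]
)

TRAINING_HOURS = 20  # assumed warm-up window before a host is scored


def robust_baseline(values: List[int]) -> Tuple[float, float]:
    """Median and median absolute deviation (MAD) of the training values.

    Both are resistant to a single outlier, so a burst inside the training
    window does not silently raise the baseline and hide later bursts.
    """
    med = median(values)
    mad = median(abs(v - med) for v in values)
    return med, mad


def modified_z(value: int, med: float, mad: float, floor: float) -> float:
    """Modified z-score (Iglewicz and Hoaglin), signed so drops score negative.

    The floor handles the zero-spread edge case (a constant baseline has MAD 0,
    which would otherwise divide by zero) and suppresses alerts on changes of
    one or two connections on an otherwise silent host.
    """
    scale = max(mad, floor)
    return 0.6745 * (value - med) / scale


def detect_anomalies(records: List[Tuple[str, int, int]],
                     training_hours: int = TRAINING_HOURS,
                     threshold: float = 3.5,
                     mad_floor: float = 1.0) -> List[Tuple[str, int, int, float]]:
    """Return (host, hour, count, score) for observations above the threshold.

    Only upward deviations are alerted: a host that goes quiet is a different
    signal (availability, or an agent that stopped reporting) and is left to
    other detections.
    """
    per_host: Dict[str, List[Tuple[int, int]]] = {}
    for host, hour, count in records:
        per_host.setdefault(host, []).append((hour, count))

    alerts: List[Tuple[str, int, int, float]] = []
    for host, series in per_host.items():
        series.sort()  # by hour, so the training window is chronological
        train = [c for _, c in series[:training_hours]]
        if len(train) < training_hours:
            continue  # not enough history to build a baseline for this host
        med, mad = robust_baseline(train)
        for hour, count in series[training_hours:]:
            score = modified_z(count, med, mad, mad_floor)
            if score > threshold:
                alerts.append((host, hour, count, round(score, 1)))
    return alerts


if __name__ == "__main__":
    for host, hour, count, score in detect_anomalies(SAMPLE_RECORDS):
        print(f"ALERT host={host} hour={hour} outbound={count} score={score}")
```

On the constructed data the two simulated bursts are the only alerts; the ordinary hour-to-hour noise on web-01 scores below 1 and the one-connection change on db-02 is absorbed by the floor. Changing `threshold` or `mad_floor` is exactly the tuning trade-off the paragraph alludes to: lower values catch smaller deviations at the cost of more analyst time.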

Cybersecurity and Risk Management

Risk management is a critical pillar of cybersecurity. It involves identifying, analyzing, and mitigating risks associated with network and data security. Effective risk management ensures that protective measures align with the specific threats an organization faces and the critical nature of the assets at risk.

AI contributes to risk management by providing predictive insights into potential vulnerabilities and threat landscapes. These insights enable organizations to allocate resources more efficiently and implement proactive strategies tailored to anticipated cyber threats.

Relevant ISO and IEC Standards

In the rapidly evolving landscape of cybersecurity and risk management, staying updated with the latest standards is essential for organizations aiming to protect their digital assets effectively. Several ISO and IEC standards play pivotal roles in shaping the cybersecurity and risk management frameworks of organizations:

  1. ISO/IEC 27001 - This is perhaps the most well-known standard concerning information security management systems (ISMS). It provides a framework for organizations to establish, implement, maintain, and continuously improve an ISMS. The standard emphasizes the importance of assessing and treating information security risks tailored to the needs of the organization.
  2. ISO/IEC 27032 - This standard focuses on cybersecurity and provides guidelines for enhancing the security of digital networks and the internet. It emphasizes the role of different stakeholders in cyberspace, promoting a safer and more secure digital ecosystem.
  3. ISO 31000 - Although not exclusively for cybersecurity, this ISO standard (it is not a joint ISO/IEC publication) outlines guidelines for risk management. It offers principles, a framework, and a process for managing risk that can be applied to various organizational activities, including cybersecurity.
  4. ISO/IEC 27005 - This standard is specifically tailored to information security risk management. It provides guidance aligned with ISO/IEC 27001 and is designed to assist organizations in implementing and maintaining risk management within an ISMS context; the current edition is ISO/IEC 27005:2022.
  5. ISO/IEC 42001:2023 - This standard specifies requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS). It is designed for entities providing or using AI-based products or services, with the aim of ensuring responsible development and use of AI systems.

How Organizations Can Prepare

Organizations adapting to the 2022 revision of ISO/IEC 27001 (published in October 2022, with a three-year transition period ending 31 October 2025 for certificates issued against the 2013 edition) can begin by:

  1. Conducting a Gap Analysis: Assess the current ISMS against the revised standard, in particular the restructured Annex A controls, to identify areas requiring enhancement or modification.
  2. Training and Awareness: Prepare the internal team for the changes by organizing training sessions focused on the new and revised elements of the standard.
  3. Integrating Technology: Leverage AI and other technologies within the ISMS where they support controls such as logging, monitoring, and threat intelligence; the standard itself is technology-neutral and does not mandate any particular tooling.
  4. Engaging with Experts: Consult cybersecurity and risk management experts familiar with the revision to ensure that the organization’s ISMS aligns with the revised requirements.

Conclusion

The integration of AI into cybersecurity and risk management not only enhances an organization’s ability to respond to immediate threats but also helps in predictive risk analysis and strategic planning. By adhering to ISO and IEC standards, organizations can ensure a systematic, well-structured approach to managing security risks. This combination of advanced technology and standardized practices is essential in forming a dynamic defense against the ever-evolving landscape of cyber threats. The 2022 revision of ISO/IEC 27001 is a reminder of the need for organizations to stay proactive in their cybersecurity and risk management efforts. By adapting to such changes as they arrive, organizations can ensure that their risk management strategies remain robust and effective against the backdrop of an increasingly complex cyber threat environment. As these standards evolve, they offer a pathway for organizations to reinforce their commitment to securing their assets and maintaining trust with stakeholders.

By Hubert T. Robertson

MBA, MSc, PMP, PMI-RMP, CIPM, MPM,

PECB Certified ISO 21502 Senior Lead Project Manager 

References

  1. International Organization for Standardization (ISO). ISO/IEC 27001:2022 - Information security, cybersecurity and privacy protection — Information security management systems — Requirements.
  2. International Organization for Standardization (ISO). ISO/IEC 27032:2023 - Cybersecurity — Guidelines for Internet security.
  3. International Organization for Standardization (ISO). ISO 31000:2018 - Risk management — Guidelines.
  4. International Organization for Standardization (ISO). ISO/IEC 27005:2018 - Information technology — Security techniques — Information security risk management (superseded by ISO/IEC 27005:2022).
  5. International Organization for Standardization (ISO). ISO/IEC 42001:2023 - Information technology — Artificial intelligence — Management system. PECB course page: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-42001
  6. Columbus, L. (2021). How AI Is Disrupting And Transforming The Cybersecurity Landscape. Forbes.
  7. McKinsey & Company (2019). How artificial intelligence can improve resilience in mineral processing during uncertain times. https://www.mckinsey.com/~/media/McKinsey/Industries/Metals%20and%20Mining/Our%20Insights/How%20artificial%20intelligence%20can%20improve%20resilience%20in%20mineral%20processing%20during%20uncertain%20times/How-artificial-intelligence-can-improve-resilience-in-mineral-processing.pdf
  8. NIST (National Institute of Standards and Technology) (2018). Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy. NIST Special Publication 800-37 Rev. 2.
