+OIS-05 Threat Intelligence
---+OIS-05.01B
---+OIS-05.02B
---+OIS-05.03B
|
1. Übersicht
OIS-05 Threat Intelligence
-
| Bezeichnung |
Standard |
|
OIS-05.01B
|
The cloud service provider collects information from selected internal and external sources to gain a comprehensive view of the threat landscape that lead to cybersecurity risks.
Internal sources that can be used to collect information include, for example, the cloud service provider's internal security monitoring. External sources that can be used to collect information include, for example, threat intelligence feeds from government agencies, commercial threat intelligence providers or industry consortiums.
Threat intelligence generally includes different areas like cybersecurity risk intelligence gathering (e.g. monitoring relevant internal or external sources), threat modelling and risk management.
|
|
OIS-05.02B
|
The collected information is correlated and analysed to identify its potential impact on the cloud service provider's organisation.
This process can, for example, include correlating threat intelligence with organisational assets, vulnerabilities, and business processes to identify relevant and actionable threats. The results can be used to provide regular threat briefings to cloud service provider's management and security teams.
|
|
OIS-05.03B
|
The cloud service provider integrates threat intelligence insights into its risk management process (cf. OIS-07, OIS-08 and OIS-09).
If a threat model is used for this process, the cloud service provider can, for example:
1. Use structured methodologies (e.g., STRIDE, PASTA, LINDDUN) appropriate to the cloud service architecture;
2. Map current threat landscape intelligence to specific system components, data flows, and trust boundaries;
3. Incorporate real-time threat intelligence to update threat models dynamically rather than relying on static annual assessments;
4. Consider emerging attack vectors, techniques, and procedures (TTPs) documented in frameworks such as MITRE ATT&CK; and
5. Account for supply chain and third-party risks through extended threat modelling.
The aim of threat modelling is to ensure that the current internal and external threats are reflected in risk handling measures.
|
1.1 Referenzen
1.2 Identifizierte Anforderungen
1.2 Related Regulation
2. Identifizierte Anforderungen
Anforderungen
| Source |
Anforderung |
3. Related Regulations
Regulations
| Source |
Regulierung |
|