ISO 27001 (2013): Full
12.2: Protection from malware

How to fill the requirement

Task: Selection and use of malware detection software on all devices
Theme: Technical cyber security
Policy: Malware protection
Other requirements: 22

This task also fulfils these other security requirements:

  • I09: Malware protection (Katakri)
  • 12.2.1: Controls against malware (ISO27 Full)
  • 12.2: Protection from malware (ISO27 Full)
  • 6.5: Installation, maintenance and updating of information systems (Self-monitoring)
  • DE.CM-4: Malicious code detection (NIST)
1. Task description

Centrally select and install malware detection and repair programs and update them regularly for preventive or regular scanning of computers and media.

Programs should check at least the following:

  • files received over the network or storage media are scanned for malware before use
  • email attachments and downloaded files are scanned for malware before use
  • websites are scanned for malware
Task: Automatically updating and running malware prevention software
Theme: System management
Policy: Update and patch management
Other requirements: 19

This task also fulfils these other security requirements:

  • I09: Malware protection (Katakri)
  • 12.2.1: Controls against malware (ISO27 Full)
  • 12.2: Protection from malware (ISO27 Full)
  • 6.5: Installation, maintenance and updating of information systems (Self-monitoring)
  • MWP-01: Keeping anti-malware software up to date (Cyber Essentials)
1. Task description

Malware protection systems automatically check for and install updates at the desired intervals and also run the desired scans at the selected frequency without requiring any user action.

Task: Procedures and data sources for gathering reliable information about malware
Theme: Technical cyber security
Policy: Malware protection
Other requirements: 7

This task also fulfils these other security requirements:

  • 12.2.1: Controls against malware (ISO27 Full)
  • 12.2: Protection from malware (ISO27 Full)
  • ID.RA-2: Cyber threat intelligence (NIST)
  • 8.7: Protection against malware (ISO27k1 Full)
  • ID.RA-2: Cyber threat intelligence is received from information sharing forums and sources. (CyFun)
1. Task description

The organization has defined procedures for regularly collecting up-to-date and reliable information about malware. Such sources can be e.g. mailing lists, magazines, blogs from security software vendors, or security news sites.

The purpose of these data sources is to verify information about malware, to distinguish hoaxes from real malware, and to ensure that the warnings received are truthful and informative.

Task: Regular malware inspection of data systems supporting critical business processes
Theme: Technical cyber security
Policy: Malware protection
Other requirements: 12

This task also fulfils these other security requirements:

  • 12.2.1: Controls against malware (ISO27 Full)
  • 12.2: Protection from malware (ISO27 Full)
  • PR.DS-6: Integrity checking (NIST)
  • DE.CM-4: Malicious code detection (NIST)
  • 8.7: Protection against malware (ISO27k1 Full)
1. Task description

The data systems (and their content) that support critical business processes are regularly scanned for malware. All unauthorized files and changes are formally investigated.

Task: Detecting and blocking access to dangerous websites
Theme: Technical cyber security
Policy: Malware protection
Other requirements: 6

This task also fulfils these other security requirements:

  • 12.2.1: Controls against malware (ISO27 Full)
  • 12.2: Protection from malware (ISO27 Full)
  • 8.7: Protection against malware (ISO27k1 Full)
  • 8.23: Web filtering (ISO27k1 Full)
  • CC6.8: Detection and prevention of unauthorized or malicious software (SOC 2)
1. Task description

The organization must identify the types of websites that staff should and should not have access to.

The organization must consider blocking access to the following types of sites (either automatically or by other means):

  • websites with a file upload function, unless this is permitted for a specific business need
  • known or suspected malicious websites (e.g. distributing malware or containing phishing content)
  • command and control servers
  • websites distributing illegal content
Task: Instructing and training staff regarding malware
Theme: Technical cyber security
Policy: Malware protection
Other requirements: 13

This task also fulfils these other security requirements:

  • I09: Malware protection (Katakri)
  • 12.2.1: Controls against malware (ISO27 Full)
  • 12.2: Protection from malware (ISO27 Full)
  • 7.2.2: Information security awareness, education and training (ISO27 Full)
  • TEK-11: Protection against malware (Julkri)
1. Task description

The organization regularly trains staff on the use of the malware protection in place, on reporting malware attacks, and on recovering from malware attacks.

Task: Informing staff about new, relevant malware
Theme: Technical cyber security
Policy: Malware protection
Other requirements: 5

This task also fulfils these other security requirements:

  • 7.2.2: Information security awareness, education and training (ISO27 Full)
  • 12.2.1: Controls against malware (ISO27 Full)
  • 12.2: Protection from malware (ISO27 Full)
  • WORKFORCE-2: Increase Cybersecurity Awareness (C2M2: MIL1)
  • 2.1.3: Staff training (TISAX)
1. Task description

Ensuring staff security awareness is an important part of protection against malware. Because of this, staff are regularly informed of new types of malware that may threaten them.

Task: Automatic blocking and detecting of unauthorized software
Theme: Technical cyber security
Policy: Malware protection
Other requirements: 12

This task also fulfils these other security requirements:

  • 12.2.1: Controls against malware (ISO27 Full)
  • 12.2: Protection from malware (ISO27 Full)
  • DE.CM-5: Unauthorized mobile code detection (NIST)
  • 8.7: Protection against malware (ISO27k1 Full)
  • 5.2.3: Malware protection (TISAX)
1. Task description

Our organization has defined policies in place to prevent or at least detect the use of unauthorized programs.

Task: Use malware protection systems from multiple vendors
Theme: Technical cyber security
Policy: Malware protection
Other requirements: 4

This task also fulfils these other security requirements:

  • 12.2.1: Controls against malware (ISO27 Full)
  • 12.2: Protection from malware (ISO27 Full)
  • DE.CM-4: Malicious code detection (NIST)
  • DE.CM-4: Malicious code is detected. (CyFun)
1. Task description

We always use malware protection systems from multiple vendors to improve the likelihood of detecting malware.

Task: Detecting unconfirmed mobile apps
Theme: Technical cyber security
Policy: Malware protection
Other requirements: 5

This task also fulfils these other security requirements:

  • 12.2.1: Controls against malware (ISO27 Full)
  • 12.2: Protection from malware (ISO27 Full)
  • SEC-03: Removing unnecessary software and network services (Cyber Essentials)
  • DE.CM-5: Unauthorized mobile code is detected. (CyFun)
  • 2.3.2: Configure clients so that only software known to the organisation is able to execute (NSM ICT-SP)
1. Task description

Our organization has defined policies in place to prevent or at least detect the use of unauthorized programs on mobile devices (e.g. smartphones, tablets).

Task: Training the use of security systems and reporting of malware attacks
Theme: Personnel security
Policy: Cyber security training
Other requirements: 4

This task also fulfils these other security requirements:

  • 7.2.2: Information security awareness, education and training (ISO27 Full)
  • 12.2.1: Controls against malware (ISO27 Full)
  • 12.2: Protection from malware (ISO27 Full)
  • 8.7: Protection against malware (ISO27k1 Full)
1. Task description

Our organization has defined procedures and responsibilities for protecting systems from malware and trains staff to use the protections and to report and recover from malware attacks.