12 new national NIS2 framework versions published! Read more ->
Cyberday back to normal - related blog
MIL1 requirements
a. Internal and external information sources to support threat management activities are identified, at least in an ad hoc manner
b. Information about cybersecurity threats is gathered and interpreted for the function, at least in an ad hoc manner
c. Threat objectives for the function are identified, at least in an ad hoc manner
d. Threats that are relevant to the delivery of the function are addressed, at least in an ad hoc manner
MIL2 requirements
e. A threat profile for the function is established that includes threat objectives and additional threat characteristics (for example, threat actor types, motives, capabilities, and targets)
f. Threat information sources that collectively address all components of the threat profile are prioritized and monitored
g. Identified threats are analyzed and prioritized and are addressed accordingly
h. Threat information is exchanged with stakeholders (for example, executives, operations staff, government, connected organizations, vendors, sector organizations, regulators, Information Sharing and Analysis Centers [ISACs])
MIL3 requirements
i. The threat profile for the function is updated periodically and according to defined triggers, such as system changes and external events
j. Threat monitoring and response activities leverage and trigger predefined states of operation (SITUATION-3g)
k. Secure, near-real-time methods are used for receiving and sharing threat information to enable rapid analysis and action
Organization carries out threat intelligence by analyzing and utilizing collected information about relevant cyber security threats related and corresponding protections.
When analyzing and utilizing the collected threat intelligence information, the following points must be taken into account:
Organization should share threat intelligence information actively with other organizations to improve its own threat awareness.
.png)
