ID.IM-01.177

Does your organization regularly conduct self-assessments of critical services that incorporate current threat intelligence and adversary tactics, techniques, and procedures (TTPs)?

Explanation

Regular self-assessments help identify vulnerabilities in critical services before they can be exploited by threat actors using current attack methods. These assessments should specifically consider the latest threat intelligence and known TTPs being used by adversaries targeting your industry or similar organizations. This proactive approach allows organizations to prioritize security improvements based on actual threat data rather than theoretical risks.

Evidence of fulfillment could include documented self-assessment reports that reference specific threat intelligence sources, identify which critical services were assessed, detail the TTPs considered during the assessment, and outline findings and remediation plans with timelines. These reports should demonstrate a regular cadence of assessments (e.g., quarterly or after significant threat landscape changes).

Implementation Example

Perform self-assessments of critical services that take current threats and TTPs into consideration

ID: ID.IM-01.177

Context

Function: IDENTIFY (ID)
Category: Improvement (ID.IM)
Sub-Category: Improvements are identified from evaluations
