This Control directly supports the implied Control(s):
Establish, implement, and maintain a Technical Surveillance Countermeasures program., CC ID: 11401
This Control has the following implementation support Control(s):
Identify and document intelligence collection shortfalls., CC ID: 14078
SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
Information relating to information security threats should be collected and analysed to produce threat intelligence. (§ 5.7 Control, ISO/IEC 27002:2022, Information security, cybersecurity and privacy protection â Information security controls, Third Edition)
A threat intelligence program helps an organization generate their own threat intelligence information and track trends to inform defensive priorities to mitigate risk. (M1019 Threat Intelligence Program, MITRE ATT&CK®, Enterprise Mitigations, Version 13.1)
The threat context identifies threat sources, threat events, and threat scenarios of concern for the system of interest. In particular, the threat context helps to identify the characteristics and behaviors of adversaries whose attacks would necessarily undermine the system's ability to execute or s… (3.2.1.4 ¶ 1, NIST SP 800-160, Developing Cyber-Resilient Systems: A Systems Security Engineering Approach, Volume 2, Revision 1)
