Verifying a vendor who claims to be 'working towards' ISO27001 | allinfosecnews.com

Dec. 10, 2023, 11 a.m. | /u/CptUnderpants-

cybersecurity www.reddit.com

I'm in the process of an internal audit and I've got a vendor who is refusing to provide any information about their cybersecurity posture other than "We're working towards ISO27001 certification". They have claimed that any information provided about their security could compromise their potential certification. It hasn't been in depth questions, more along the lines of do they enforce 2FA, do you have an incident management process, do you use encryption at rest and in transit, etc.

With no …

audit certification claims compromise cybersecurity cybersecurity posture information internal internal audit iso27001 posture process security vendor working

More from www.reddit.com / cybersecurity

What are your favorite cybersecurity YouTube channels for beginners? 2 hours ago | www.reddit.com

beginners cybersecurity youtube

What Blue Team CTFs or challenges platform would you recommend in 2024? 7 hours ago | www.reddit.com

analyst blue blue team boss +12

What's a free SIEM tool that's compatible with Windows Server? 14 hours ago | www.reddit.com

central college console cybersecurity +12

Where I can find or access the tools to learn? 14 hours ago | www.reddit.com

access can cyber cybersecurity +13

Copilot‘s screen-snapping Recall data stored in plain text 17 hours ago | www.reddit.com

copilot cybersecurity data plain text +3

Cops Swarm Global Cybercrime Botnet Infrastructure in 2 Massive Ops 19 hours ago | www.reddit.com

botnet cops cybercrime cybersecurity +4

What are the most common IAM and PAM solutions in cybersecurity? 20 hours ago | www.reddit.com

cybersecurity cybersecurity professional goal iam +5

How does hiring in APT groups work? 20 hours ago | www.reddit.com

apt apt groups can cybersecurity +5

State of WiFi Security in 2024 21 hours ago | www.reddit.com

article cybersecurity exploiting feedback +9

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com