all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Verifying a vendor who claims to be 'working towards' ISO27001

Add to bookmarks
Dec. 10, 2023, 11 a.m. | /u/CptUnderpants-

cybersecurity www.reddit.com

I'm in the process of an internal audit and I've got a vendor who is refusing to provide any information about their cybersecurity posture other than "We're working towards ISO27001 certification". They have claimed that any information provided about their security could compromise their potential certification. It hasn't been in depth questions, more along the lines of do they enforce 2FA, do you have an incident management process, do you use encryption at rest and in transit, etc.

With no …

audit certification claims compromise cybersecurity cybersecurity posture information internal internal audit iso27001 posture process security vendor working

Visit resource

More from www.reddit.com / cybersecurity

Bitwarden just launched their 2FA app 2 hours ago | www.reddit.com
2fa 2fa apps app apps +14
Panera Bread ransomware attack - initial access vector? 2 hours ago | www.reddit.com
access attack bread cybersecurity +7
New Cuttlefish malware infects routers to monitor traffic for credentials 5 hours ago | www.reddit.com
credentials cuttlefish cuttlefish malware cybersecurity +4
How to attack through vulnerability PC in Internal network to another device in it. 6 hours ago | www.reddit.com
ask attack call can +10
Shortridge Makes Sense of the 2024 Verizon DBIR 10 hours ago | www.reddit.com
big cybersecurity dbir fan +2
CISA Releases Fact Sheet on Defending OT Environments 12 hours ago | www.reddit.com
cisa cybersecurity defending environments +3
For those actively in the job market and having trouble, what specifically is the hardest … 13 hours ago | www.reddit.com
bad current cybersecurity experience +9
Dropbox Says Hackers Breached Digital-Signature Product 13 hours ago | www.reddit.com
breached cybersecurity digital dropbox +3
Creating a breach search website? 18 hours ago | www.reddit.com
breach breached breaches companies +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Associate Manager, BPT Infrastructure & Ops (Security Engineer)

@ SC Johnson | PHL - Makati
View on infosec-jobs.com

Cybersecurity Analyst - Project Bound

@ NextEra Energy | Jupiter, FL, US, 33478
View on infosec-jobs.com

Lead Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Junior Information Security Coordinator (Internship)

@ Garrison Technology | London, Waterloo, England, United Kingdom
View on infosec-jobs.com

Sr. Security Engineer

@ ScienceLogic | Reston, VA
View on infosec-jobs.com
View more jobs