It is
important that all considerable changes in technological risks are included in
the risk mapping. New risks related to major shifts in technology such as the
use of artificial intelligence, quantum computing, etc. should also be
considered. Similarly, risks that are related to the growing use of existing
technologies such as cloud computing and IoT should also be considered in the
risk landscape.
Monitoring
cyber threats provides critical information on changing conditions that could
potentially affect the ability of organizations to conduct core missions and
business functions. Information derived from the ongoing monitoring of risk
factors can be used to refresh risk assessments at whatever frequency deemed
appropriate.
Monitoring
of cyber threats is a continuously ongoing activity. The responsibility of
cyber threat monitoring should be assigned to appropriate employees. For
monitoring, there are numerous sources to obtain information of the latest
cyber threats - mailing lists, CERT Tonga regular notifications/advisories,
other CERTs’ advisories, vendor notifications/advisories and security news
feeds. Once relevant new cyber threats have been identified, the applicability
of advisories in the organisation should be assessed and timely corrective
actions should be planned and executed.
created with
HTML Website Builder .