top of page

Threat intelligence, one of the 11 new controls introduced in the ISO 27001:2022 update.

Updated: Jan 22

What changed:

In 2022, ISO 27001 was updated to include 11 new controls, one of which is A.5.7, Threat Intelligence. This new control emphasises the importance of gathering and analysing information about threats, and using that information to take appropriate mitigation actions. Threat intelligence can help organisations to proactively identify and assess risks, develop effective controls, and deploy countermeasures to mitigate them.

What this means for any ISO 27001 certification renewal:

Certifications for the ISO27001 standard will increasingly be assessed against the new 2022 edition of the standard, therefore organisations must be aware of these changes. For organisations currently certified against ISO27001, all current certifications will expire on 31st October 2025, therefore you will need to implement the new controls within the 3 year recertification window.

Why threat intelligence is now a requirement:

In today's rapidly evolving threat landscape, businesses are facing a growing number of cyber threats and attacks. Without adequate threat intelligence, organisations are at risk of taking a reactionary approach to managing risks. This increases their risk of falling victim to attacks and may lead to significant financial and reputational damage.

By leveraging threat intelligence, businesses can take a more proactive approach. Incorporating threat intelligence into your security team allows organisations to gain valuable insights into emerging threats, vulnerabilities, and attack techniques, and take the necessary steps to protect their systems and data before they are attacked.

How Cytidel can help:

Threat intelligence is a critical component of any effective information security program. By providing timely and actionable insights into emerging threats and risks, businesses can stay ahead of the curve and protect their systems and data.

Cytidel’s threat intelligence service is designed by ISO and vulnerability intelligence specialists to help businesses meet the new ISO 27001:2022 control for threat intelligence, and to provide ongoing support and guidance for their security operations.

Cytidel customers get access to expert analysis in a variety of ways to ensure they can take proactive measures to protect their assets, systems and data.

What you get:

  1. Zero-day and Trending Vulnerability Alerts for your Vendors and Products

  2. Weekly Roundup

    1. A weekly summary of the latest key vulnerability news and stats

    2. Cytidel Spotlight that highlights vulnerabilities of interest, providing key detail and analysis.

    3. A look at the the top trending vulnerabilities across news and social.

  3. Patch Tuesday report (monthly)

  4. Advanced Vulnerability Intelligence Database (AVID)

    1. Access to our self-serve vulnerability research tool which includes expert analysis and remediation steps

    2. Ability to request Threat Intelligence for specific vulnerabilities from the tool

Company Profile

Cytidel is a cyber risk intelligence platform that helps organisations to make critical risk decisions powered by threat intelligence and business context. Cytidel provides actionable insights to CISO’s and security leaders, empowering them to reduce their cyber exposure efficiently.

Cytidel’s founders, Matt Conlon (CEO) and Conor Flannery (CTO), are vulnerability management specialists and certified ISO27001:2022 Auditors, ensuring our clients are primely positioned to address the requirement of implementing threat intelligence into their ISMS.

Contact us:

To get a sample report, or to find out how Cytidel can help you maintain or achieve your ISO certification with threat intelligence, please contact


bottom of page