Top Threats

  • 1.  CSA International Standardization Council

    Posted Apr 01, 2021 12:49:00 PM
    Edited by Vic Hargrave Apr 02, 2021 05:13:58 PM

    Hi all.

    The group, except for Jon-Michael, probably does not realize that I represent The Top Threats Working Group on the CSA International Standardization Council that meets every month.  I have been doing this for well over a year now, ever since Victor Chin was the CSA head of our group.  

    The council is very preoccupied with the ISO Cloud Security Standards, specifically the ISO 27001 and 27002 the latter of which is being drafted as I write this.  My question to the group - but more specifically to Jon_Michael, Alex, and Sean - is, do we have any interest in the goings-on of the ISO council in general and these standards specifically?  Frankly, I have not seen anything that would interest us in the nearly year and a half I have been involved with the council.  If there had been, I would have brought it up.

    Let me know whether or not you have some topics to discuss with the council or specific info I should be bringing back to our group.  I'm currently evaluating whether it is worth my time to continue with the ISO council meetings.  If none of you have any interest, I'm fine with that.  


    -- vic

    Vic Hargrave
    Senior Cyber Analyst/Engineer
    Forcepoint, LLC

  • 2.  RE: CSA International Standardization Council

    Posted Apr 02, 2021 09:44:00 AM
    Hi Vic, I think the Top Threats work is critically important and I totally support ongoing development and maintenance.  

    I leverage the now dated Top 11 report from 2019 on a weekly basis with enterprise stakeholders and I was hopeful to learn about a 2021 update.  

    I am happy to help as well as bring some of my team to the table if we need resources to keep this work moving forward.  We have found some opportunities in the 2019 Top 11 report that can be improved and we are happy to share/help/partner on whatever level. 


    ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐