close
close
Your Network of Tomorrow
Your Network of Tomorrow
Plan your path toward a faster, more secure, and more resilient network designed for the applications and users that you support.
          Experience Netskope
          Get Hands-on With the Netskope Platform
          Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
            A Leader in SSE. Now a Leader in Single-Vendor SASE.
            A Leader in SSE. Now a Leader in Single-Vendor SASE.
            Netskope debuts as a Leader in the Gartner® Magic Quadrant™ for Single-Vendor SASE
              Securing Generative AI for Dummies
              Securing Generative AI for Dummies
              Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
                Modern data loss prevention (DLP) for Dummies eBook
                Modern Data Loss Prevention (DLP) for Dummies
                Get tips and tricks for transitioning to a cloud-delivered DLP.
                  Modern SD-WAN for SASE Dummies Book
                  Modern SD-WAN for SASE Dummies
                  Stop playing catch up with your networking architecture
                    Understanding where the risk lies
                    Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                        The 6 Most Compelling Use Cases for Complete Legacy VPN Replacement
                        The 6 Most Compelling Use Cases for Complete Legacy VPN Replacement
                        Netskope One Private Access is the only solution that allows you to retire your VPN for good.
                          Colgate-Palmolive Safeguards its "Intellectual Property” with Smart and Adaptable Data Protection
                          Colgate-Palmolive Safeguards its "Intellectual Property” with Smart and Adaptable Data Protection
                            Netskope GovCloud
                            Netskope achieves FedRAMP High Authorization
                            Choose Netskope GovCloud to accelerate your agency’s transformation.
                              Let's Do Great Things Together
                              Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.
                                Netskope solutions
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.
                                  Netskope Technical Support
                                  Netskope Technical Support
                                  Our qualified support engineers are located worldwide and have diverse backgrounds in cloud security, networking, virtualization, content delivery, and software development, ensuring timely and quality technical assistance
                                    Netskope video
                                    Netskope Training
                                    Netskope training will help you become a cloud security expert. We are here to help you secure your digital transformation journey and make the most of your cloud, web, and private applications.

                                      A Swiss Army Knife for ISO 27001:2022 Compliance

                                      Mar 28 2024

                                      ISO standards may not always jump out as the most exciting of topics for dinner party conversation, but their growing importance in business cannot be denied. And this year it is well worth us talking about ISO 27001:2022 specifically (though perhaps not over dinner). It is expected that as many as 90,000* organisations might renew their certification or gain it for the very first time this year. The auditors will be busy!

                                      For those who are renewing at the end of the three-year cycle, it is important to note that you will now be assessed under the newer 2022 standard specifications. This new version asks a lot more questions and is looking for conformity to a much more comprehensive framework.

                                      ISO/IEC 27001:2022 Annex A introduced 11 brand new controls, merged 24 controls and revised 58 controls. These controls relate to some pretty hot topics including threat intelligence, information security for the use of cloud services, data leakage prevention, and the nitty-gritty of monitoring and web filtering. It was a welcome update and an appropriate reaction to the changes, risks, and threats faced by organisations in our increasingly digitising world.

                                      I have heard some vendors enthusiastically making huge promises about the way their technology can ensure compliance, but when you are staring down the impending audit, such vague and excessive promises help no one. I will moderate my promises and provide specifics. Netskope One helps organisations comply with more than 70 of the controls required for certification, some fully and some partially. I know this because we have mapped it in detail. Imagine us as your cybersecurity Swiss Army knife for ISO 27001:2022 compliance with tools to help rationalise the standards.

                                      Let’s briefly look into each of the four aspects from the framework.

                                      The Organisational Backbone

                                      Organisation-wide controls are the backbone of ISO 27001:2022, focused on the policies, procedures and responsibilities needed for effective information security. And for our customers, the Netskope Zero Trust Engine sits at the heart of all information security policies and controls, using threat intelligence, identity, access management and more to inform and enforce controls in the moment and track their acknowledgement. This unified approach empowers an organisation to pre-emptively address potential cybersecurity threats and helps them comply with 32 of the controls in this section of the framework. 

                                      People Power

                                      ISO 27001 recognises the importance of people within an organisation’s security posture, and Netskope’s tools currently help organisations comply with six of the controls in this section of the certification. Including the enablement of secure remote working solutions and customisable coaching messages specific to applications in use and policy infringements, helping educate users and reinforce organisational requirements in the moment to build a stronger cybersecurity culture.

                                      Beyond the Physical to Technological

                                      While Netskope’s technology can supplement the physical control requirements of ISO 27001:2022 (such as protecting physical media via a technical control) I am determined to keep our promise of providing realistic information about where our tech specifically enables organisations to fully align to the ISO standard. So I will focus here on what we do in the Technological section—where we help organisations comply with 30 of the controls from the security of network services, web filtering, application security, and data leakage prevention.

                                      Wrapping Up

                                      So, what’s the takeaway? Adapting to ISO/IEC 27001:2022 is more than a checkbox exercise—it’s about strengthening your defences for the digital age. And that’s the same ethos that we had in building Netskope One.

                                      Curious to dive deeper? We’ve got just the thing. Download this guide that maps Netskope’s technology line by line, control by control, to the requirements of ISO 27001:2022. 

                                      *Last year, more than 75,000 ISO 27001 certificates were handed out, with a whopping 20% global growth rate. If they see the same growth rate this year you would be looking at around 90,000 audits!

                                      author image
                                      Rich Beckett
                                      Rich Beckett is a Senior Product Marketing Manager at Netskope focused on lighting up the business value of SASE to customers across EMEA.
                                      Rich Beckett is a Senior Product Marketing Manager at Netskope focused on lighting up the business value of SASE to customers across EMEA.

                                      Stay informed!

                                      Subscribe for the latest from the Netskope Blog