Cyber Security Brunei (CSB) announced its transition from ISO/IEC 27001:2013 to ISO/IEC 27001:2022 standards, showcasing its commitment to maintaining world-class information security practices.
Cybersecurity Malaysia conducted the ‘Surveillance 2 and Transition Audit’ from December 3 to 5, 2024 at CSB’s headquarters, evaluating its compliance with the updated standards.
The audit covered the Information Security Management System (ISMS) and included CSB’s key services: the Brunei Computer Emergency Response Team (BruCERT), the National Digital Forensics Laboratory, and the Cyber Watch Centre.
The entities play a pivotal role in coordinating cybersecurity efforts, facilitating digital forensic investigations, and monitoring critical information infrastructure (CII) for cyber threats. CSB’s transition to ISO/IEC 27001:2022 includes updated controls such as Threat Intelligence, ICT Readiness for Business Continuity, and Secure Coding. Reorganised into four categories – organisational, people, physical and technological – the updated controls, now reduced to 93 from the previous 114, streamline processes to enhance cybersecurity resilience and align with evolving international standards.
The successful completion of the audit led to the issuance of the ISO/IEC 27001:2022 certificate on January 16.
