The risk of data theft has increased significantly over the past years. As a consequence, overwhelming
damage is caused to institutions and private persons alike. Even the widespread ISO standard
27001 was recently updated, in October 2022, to integrate data exfiltration aspects. Corresponding new
security controls have been introduced. In this paper we review the ISO 27001:2022 with respect to data
exfiltration and come up with recommendations on how recently integrated ISO 27001:2022 controls can
be used in an operational environment. Based on that, we introduce and demonstrate the effectiveness of a
proactive and dynamic concept by integrating a simulation cycle into the Information Security
Management System (ISMS) and using cyber threat intelligence to provide us with information about
current threats. We provide a prototype for the threat simulation cycle based on a smart combination of
established and widely accepted cyber defence tools. In our evaluation we show the feasibility of our
targeted and dynamically configurable simulation of data exfiltration threats, and thus help to thwart
actual cyber-attacks in advance. Overall, we contribute to preventing data exfiltration, or at least to
making it significantly more difficult. Dynamic, threat-aware and preventive cyber defence is our
objective, and we provide an updated concept which integrates conclusively into an ISO 27001:2022
compliant ISMS.