Share on:

What is ISO 27002?

The International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27002 is an international standard that provides guidance for organizations looking to establish, implement, and improve an Information Security Management System (ISMS) focused on cybersecurity. 

While ISO/IEC 27001 outlines the requirements for an ISMS, ISO/IEC 27002 offers best practices and control objectives related to key cybersecurity aspects including access control, cryptography, human resource security, and incident response.

Manufacturing companies that need to meet ISO 27002 compliance can easily prove their adherence to standards with Blumira’s new pre-built global reports. They can also use Blumira’s ISO 27001 compliance reports.

Protecting Against Manufacturing Cybersecurity Risks

The manufacturing industry runs the risk of downtime due to ransomware attacks, which doubled in 2022 alone, targeting industrial infrastructure. They also could be at risk of intellectual property (IP) theft or extortion, if an attacker was able to compromise this type of data. Meanwhile, supply chain attacks also result in downtime, negatively impacting production.

How Can Blumira Help With ISO 27002?

Complying with ISO 27002 can help protect against manufacturing security risks with the ongoing use of an information security management system. 

Blumira’s SIEM + XDR security platform helps your organization easily meet and exceed ISO 27001 compliance requirements for logging, monitoring, threat detection and response.

By regularly running and scheduling Blumira’s ISO 27002 reports, you can easily prove your compliance to an auditor for certain controls.

Which Reports Map to Which ISO 27002 Controls?

See which Blumira reports map to which ISO 27002 controls so you can easily hand over pre-built reports to your auditor to prove your compliance. Please note that each report is available for certain integrations, which are listed under each report below:

ISO 27002 ControlsBlumira’s Global Reports
5 Organizational Controls: System Changes – Record critical configuration and policy changesISO 27002 Windows GPO Updates
ISO 27002 Firewall Configuration Change

Available for: Windows, Fortigate, Palo Alto, Sophos XG, Cisco ASA, Sonicwall
5 IDS/IPS Alerts – Identify potential intrusion attempts and malwareISO 27001 IDS/IPS Alerts

Available for: Fortigate, Umbrella, Checkpoint, PaloAlto, Sonicwall, Sophos XG
5.15 Access Control: Failed Logins – Identify brute force and other credential attacksISO 27002 Controls - Failed Logins

Available for: Windows, Linux, MacOS
5.15 Access Control: Password Resets – Track password changes for awareness of compromised accountsISO 27002 - Password Change
Available for: Windows

ISO 27002 - Azure Password Change
Available for: Azure
5.16 Identity Management: Logins by Location – Spot access from unfamiliar regionsISO 27002 Logins from Outside US
ISO 27002 Logins from Outside UK
ISO 27002 Logins from Outside CA
ISO 27002 Logins from Outside AUS

Available for: Azure, Microsoft 365, Duo, Okta
5.16 Identity Management: VPN Connections – Monitor remote access methods and usersISO 27002 VPN Connections

Available for: Fortigate, Cisco ASA, WatchGuard, GlobalProtect, SonicWall, Sophos
5.18 Access Rights: USB Device Usage – Detect unauthorized devices plugged into endpointsISO 27002 - USB Device Attached
Available for: Windows

ISO 27002 Controls - Mounted Device
ISO 27002 Controls - USB Device Attached
Available for: MacOS
5.18 Access Rights: Account Lockouts – Find accounts locked due to excessive failed loginsISO 27002 Account Lockouts
8.2 Privileged Access – Track access by administrators and power usersISO 27002 Controls - Administrator Access
Available for: Windows

ISO 27002 Controls - Admin/root Access
Available for: Linux
8.15 Logging: Log Tampering – Detect modifications or deletions of log dataISO 27002 Controls Log Tampering - Clearing of Windows Event Log
ISO 27002 Controls Log Tampering - Clearing of Windows Security Event Log

Available for: Windows
8.20 Network Controls: Firewall Traffic – Analyze allowed/blocked connections at perimeterISO 27002 - Allowed Firewall Traffic
ISO 27002 - Blocked Firewall Traffic

How Can I Access the ISO Reports?

Blumira customers on paid editions can use global and saved reports to easily access ISO compliance reports, as well as many other reports to analyze the logged events that you send Blumira. 

To view an ISO global report or one of your saved reports, follow these easy steps:

  1. Navigate to Reporting > Report Builder. Adjust time range as needed.
  2. Click to open the additional options menu (the three dot menu seen on the right side).
  3. Click Load Saved Report. Type “ISO” into the search box at the top of the Saved Reports screen.
  4. In the Saved Reports window, click the report that you want to use.

Note: You can type a name or keyword to filter the list or scroll to find a specific report. When you search “ISO,” the compliance reports you can view will vary based on which integrations you currently have set up for your organization.

Get more tips on how to use Blumira’s Report Builder in our documentation article, Using global and saved reports.

Blumira For Compliance: Easy & Effective Security For SMBs

It’s easy to help meet or support multiple compliance controls using Blumira’s SIEM + XDR platform. Time-strapped IT teams can do more with one solution that combines SIEM, endpoint visibility and automated response. See our recent post on NIST compliance reports and the different compliance frameworks we support.

There’s a few different ways you can get started with Blumira:

  • Free SIEM – Choose up to 3 cloud integrations, set up in minutes, send logs to Blumira and start seeing security value right away. Our Free SIEM gives you a limited version of our product with 14 days of data retention.
  • Try SIEM + XDR Free – Sign up for a free 30-day trial of Blumira’s XDR edition up and running to experience the full SIEM, endpoint visibility and automated response platform. You will need to sign up for a free SIEM account, go to the left menu, then click Learn More > Start Free Trial to activate your XDR trial.
  • See a Demo – Not ready to try Blumira yet? Watch our product demo video or contact our team to walk through a demo of Blumira’s XDR Platform to get all of your questions answered.

Are you an MSP? Check out our MSP Program with NFR licensing for partners.

Security news and stories right to your inbox!