Security Monitoring and Improvement
If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death, together with the man to whom the secret was told.
—The Art of War, Sun Tzu
After studying this chapter, you should be able to:
Present the X.816 model of security audit and alarms.
List useful information to collect in security audit trails.
Discuss security audit controls.
Understand the use of metrics in security performance monitoring.
Describe the essential elements of information risk reporting.
Discuss what is involved in information security compliance monitoring.
Present an overview of security monitoring and improvement best practices.
This chapter looks at two aspects ...