Chapter 18

Security Monitoring and Improvement

If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death, together with the man to whom the secret was told.

The Art of War, Sun Tzu

Learning Objectives

After studying this chapter, you should be able to:

  • Present the X.816 model of security audit and alarms.

  • List useful information to collect in security audit trails.

  • Discuss security audit controls.

  • Understand the use of metrics in security performance monitoring.

  • Describe the essential elements of information risk reporting.

  • Discuss what is involved in information security compliance monitoring.

  • Present an overview of security monitoring and improvement best practices.

This chapter looks at two aspects ...

Get Effective Cybersecurity: A Guide to Using Best Practices and Standards, First Edition now with O’Reilly online learning.
