Security Monitoring

The first goal of a security program is to set the security posture of an organization. The security policy defines the security posture, but the security program carries out the policy in actions. A security posture specifies how an organization documents initial configurations, monitors activity, and remediates any detected issues. Monitoring is an important part of any security program, and its primary purpose is to detect abnormal behavior. After all, you cannot remediate behavior that you do not detect. Security monitoring systems might be technical in nature, such as an IDS, or they might be administrative, for example, observing employee or customer behavior on a closed-circuit TV.

When you detect abnormal or unacceptable ...

Get Fundamentals of Information Systems Security, 4th Edition now with the O’Reilly learning platform.