Recommended Monitoring Targets
To determine the best targets for security monitoring, build on your security policies and documented network topology, as we described in Chapters 2 and 3. Armed with those decisions and documented knowledge, you should conduct a structured assessment of the systems that make up your company.
Conduct a BIA. Most enterprises have a team focused on business continuity and disaster preparation. Contact them and ask for the results of the most recent BIA, or ask them to conduct one in preparation for security monitoring. The BIA will produce, among other things, a list of critical IT systems. This is a good place to find targets for information security monitoring. The BIA will call out time-critical business processes and MTDs. Ordered from the shortest MTD to the longest, this list can become a priority order for applying security monitoring. Systems identified in such an assessment will likely include those responsible for revenue generation and those with high-visibility profiles.
Conduct an Information Technology Security Assessment (ITSA). This formal appraisal will analyze the security of your IT systems to determine areas of risk. It should use the policies and network knowledge that you’ve documented as a benchmarking standard. To that end, it will incorporate examination of regulatory compliance, contractual/legal requirements, and systems that access sensitive data. The ITSA will produce a list of action items as well as an assessment of ...