CHAPTER 13: IDENTIFY AND DETECT

Develop a system to identify anomalies that may signify an incident through automated, continual security monitoring, with manual follow-ups.

Effective security is about managing your risks, monitoring them to make sure they are acceptable and taking appropriate action if not. Importantly, it is not about eliminating all risk and achieving absolute security, as the trade-offs that approach would require – not having an online presence, for instance – are simply too great. However, an acceptable risk is still a risk. Even with a preventive measure in place, that measure might fail, or it may have been implemented only to reduce the impact and not necessarily to prevent the risk from materialising. Furthermore, ...
