Recommended
Recommended
More Related Content
Similar to Security-Monitoring-and-Improvement.pptx
Similar to Security-Monitoring-and-Improvement.pptx (20)
More from MuhammadAbdullah311866
More from MuhammadAbdullah311866 (20)
Recently uploaded
Recently uploaded (20)
Security-Monitoring-and-Improvement.pptx
- 1. Security Monitoring and Improvement Effective security monitoring enables timely detection of threats. Regular audits provide insight into compliance and identify areas for improvement. This chapter examines techniques for auditing, performance measurement, and risk reporting. by Muhammad Atif Imtiaz
- 2. Security Audit Model 1 Event Discrimination Software monitors system activity, detecting security events. 2 Audit Recording Security events are recorded in an audit trail. 3 Analysis & Reporting Audit trail is analyzed to uncover security violations.
- 3. Audit Trail Data 1 System Events Login attempts, OS functions performed. 2 Application Events Database queries, emails sent/received. 3 User Activity Commands issued, resources accessed. 4 Network Traffic Firewall logs, VPN connections.
- 4. Security Performance Metrics Strategic Support Aid decision-making for planning and resource allocation. Quality Assurance Identify vulnerabilities during development lifecycle. Tactical Oversight Monitor security posture and compliance.
- 5. Metric Development Define Goals Establish clear objectives for the metrics program. Select Metrics Choose metrics from authoritative sources like NIST. Implement Strategies Plan data collection, reporting formats, responsibilities. Establish Benchmarks Compare against industry peers to identify improvement areas.
- 6. Security Monitoring Performance Reporting Assess delivery against targets and enterprise objectives. Control Monitoring Continuously evaluate control environment effectiveness. Compliance Verification Confirm adherence to policies, regulations, contracts. Corrective Actions Identify and initiate improvements based on findings.
- 7. Information Risk Reporting Objective Provide executive management visibility into information risks Contents Threats, vulnerabilities, security events, risk changes Benefits Enable timely response, maintain acceptable risk levels Audience Executive management
- 8. Compliance Monitoring Regulations Monitor adherence to laws and industry rules. Contracts Ensure security controls meet contractual obligations. Policies Verify alignment with organizational security policies.
- 9. Security Audit Best Practices Planning Define methodology and scope for audits. Fieldwork Collect evidence, perform tests, record results. Reporting Document findings and recommendations. Monitoring Track risk treatment and control implementation.
- 10. Continuous Improvement Regular auditing, monitoring and reporting enable an ongoing cycle of security assessment and enhancement. By measuring performance against defined metrics, an organization can identify vulnerabilities, implement corrective actions, and continuously improve its security posture over time.