Week 2 Mod 2-Case
527-MODULE 2 CASE
Continuous monitoring is a critical part of risk management process. "Continuous
monitoring is ongoing observance with intent to provide warning. A continuous
monitoring capability is the ongoing observance and analysis of the operational
states of systems to provide decision support regarding situational awareness and
deviations from expectations." —Source: Keith Willett (MITRE) in support of the
NSA.
"Information Security Continuous Monitoring (ISCM) is defined as maintaining
ongoing awareness of information security, vulnerabilities, and threats to support
organizational risk management decisions." —NIST.
Organizations should establish, implement, and maintain ISCM. ISCM should be a
recursive process as its monitoring strategy is continually refined so that ISCM is a
robust system. Tiered organization-wide ISCM framework and dynamic ISCM
processes are proposed by the National Institute of Standards and Technology.
Please scan through the important framework and processes in the following article.
Its Appendix D "Technologies for Enabling ISCM" provides some technical and
managerial details and examples.
NIST (2011). Information Security -- Information Security Continuous Monitoring
(ISCM) for Federal Information Systems and Organizations. National Institute of
Standards and Technology Special Publication 800-137.
Additional reference models are also provided and extended to go more in depth
both technically and managerially. Please investigate the CAESARS model below
and its extension.
DHS (2011). Continuous Asset Evaluation, Situational Awareness, and Risk Scoring
Reference Architecture Report (CAESARS). Department of Homeland Security.
Mell, P. (2011) Presentation: An Enterprise Continuous Monitoring Technical
Reference Model. Jointly developed by the U.S. National Security Agency, the U.S.
Department of Homeland Security, and the National Institute of Standards and
Technology.
After reading the above articles, please write a 3 PAGE PAPER TITLED: MUST HAVE IN TEXT CITATIONS THAT MATCH REFERENCES MUST BE LESS THAN 7% TURNITIN/SAFE ASSIGN SCORE!!
"Information Security Continuous Monitoring—Challenges and Solutions"
Please address the following issues in your paper:
1. The importance of continuous monitoring of information systems
2. The technical and managerial challenges of continuous monitoring
3. The technical and managerial solutions to continuous monitoring, including
framework, processes, etc.
9 years ago 15
Purchase the answer to view it
- order_68228_164153.doc
- Network Management
- Lab on Series and Parallel RC Circuits
- Theories of personality
- As agreed Week 4 Prof. Jim ONLY
- NTC 362 Week 1
- In this discussion, you will solve quadratic equations by two main methods:
- homwork moduleone speech
- ISCOM/305 ISCOM 305 ISCOM305 Week 1 - Individual Assignment - Employee Data Collection Training Paper - A+ & Original Guaranteed from an A+ rated tutor!
- ISCOM/383 ISCOM 383 ISCOM383 Week 4 - Individual Assignment - Value Chain Strategies Case Analysis (Case 6-2) Paper - A+ & Original Guaranteed from an A+ rated tutor!
- Consider a datagram network using 16-bit host addresses. Suppose a router uses longest prefix matching and has the following forwarding...