Discussion-1
What is Situational Awareness in Cyber Security? The concept of Situational Awareness is a critical one in information security and cybersecurity operations. Situational Awareness is defined as: "Within a volume of time and space, the perception of an enterprise's security posture and its threat environment; the comprehension/meaning of both taken together (risk); and the projection of their status into the near future." [CNSSI 4009]. The National Institute of Standards and Technology (NIST) has a draft publication, Interagency Report (IR) 7756, that outlines the CAESARS (Continuous Asset Evaluation, Situational Awareness and Risk Scoring) Framework. (Hawk, 2015)
One viewpoint presented in NIST IR 7756 is continuous monitoring, which is defined and shown in an architecture diagram. The diagram presents the interrelation and ecology of the various layers of continuous monitoring components. It is important to remember that this is a data flow diagram and does not represent a technology solution. (Hawk, 2015)
As the pace of technology and technological threats continues to advance, we need better technical solutions and methods to keep up. For instance, the data mining of the last decade is now being augmented with AI to understand data better and to gain greater insights from it. Situational awareness requires inputs from a large number of systems, both internal and external to the company. Technical systems aimed at the organization may include network management, asset inventory, security information and event management (SIEM), intrusion prevention systems (IPS), endpoint agents, configuration management, and vulnerability assessment systems. External systems may include vulnerability and threat databases, data breach notices, hacker data dumps, hash data sets, and exploit details. (Vanderburg, 2018)
AI can be used in situational awareness to experiment with hypothetical threat models to identify the likelihood and impact of such threats. This provides the information necessary to assign a risk value so that companies can determine whether controls should be implemented to protect against the threat. AI can also be used to identify new hypotheses from the data. (Vanderburg, 2018)
Many risk management programs are reactive in that they respond to threats that have already been realized in the wild, but situational awareness protects against threats that have yet to be realized. As the environment changes, threats can be reevaluated with the new data. Even when a company decides not to implement protection against a threat, the analysis of the threat can be useful in quickly remediating it if it is later realized. Situational awareness can help your company properly prioritize cybersecurity spending to achieve better results, but companies need to harness the data from many internal and external systems to accomplish it. It is important, therefore, to choose the underlying technologies wisely so they can integrate well and provide reliable performance and security. (Vanderburg, 2018)
Discussion-2
The United States Army field manual defines "Situational Awareness" as "Knowledge and Understanding of the current situation which promotes timely, relevant and accurate assessment of friendly, enemy and other operations within the battle space in order to facilitate decision making" [1].
Situational awareness requires inputs from a large number of systems, both internal and external to the company. Technical systems aimed at the organization might include network management, asset inventory, security information and event management (SIEM), intrusion prevention systems (IPS), and vulnerability assessment systems. External systems may include vulnerability and threat databases, data breach notices, hash data sets and exploit details [2].
Comprehensive cyber situation awareness mainly involves three key areas: computing and network components, threat information and mission dependencies. [3]
Network awareness - To achieve this, one should recognize and share incident awareness across the organization, and perform routine vulnerability auditing, patch management and compliance reporting.
Threat awareness - Associates should be aware of external threats, and should identify and track internal incidents and suspicious behavior of other associates.
Mission awareness - The organization should create a clear understanding of the critical dependencies to support mission impact in forensic analysis. Employees should be made aware of readiness assessments and informed defense planning when any cyberattack occurs.
Therefore, for an organization, situation awareness has become a driver for threat detection and response control because of its ability to respond to threats that might happen in the future. When the environment changes, threats can be reevaluated with new data. It identifies the threat actors and recognizes trends in their activities, and it helps the organization prioritize cybersecurity spending to achieve better results.