A report called ‘Cyber Security Monitoring Guide’ has been released by Crest detailing how organisations need to focus their resources and attention deeper on security monitoring and logging issues to help detect potential Cyber-Security attempts.
Crest, a “not for profit organisation that serves the needs of a technical information security marketplace” detailed their findings in the form of a guide. The aim of this guide is to provide practical advice how organisations can “manage logs effectively, deal with suspicious events, use cyber security intelligence and address challenges” providing focus on the following points:
- Identify potential indicators of compromise (IOC) at an early stage;
- Investigate them effectively; and
- Take appropriate action to reduce the frequency and impact of cyber security incidents
Within this guide, Jason Creasey, author of the CREST report and managing director of consultancy Jerakan commented that “organisations seldom have an adequate cyber-security logging and monitoring capability” and that they “often suffer from a lack of budget, resources, technology or recognition of the type and magnitude of the problem. Additionally, organisations often put blind trust in the monitoring tools they have purchased, giving them a false sense of security.”
The Cyber Security Monitoring Guide details how many organisations are finding relief and assistance from potential cyber threats by employing an external Security Operation Centre (SOC). A SOC is where “enterprise information systems (web sites, applications, databases, data centres and servers, networks, desktops and other endpoints) are monitored, assessed, and defended” by a cyber-security expert. Some SOC’s (including Signal Networks own) go beyond simply monitoring and supporting organisations data. At Signal Networks, our SOC will advise and assist how to deal with any detected threats and eliminate it before it has any potential to cause harm.
Our SOC and IT Security Consultants utilise the latest’s tools and methods in able to offer our clients secure and effective methods to protect their organisations data whilst compiling to any PCI DSS and Government obligatory guidelines.
To read more, please click here…