TY - GEN
T1 - Leveraging information security continuous monitoring for cyber defense
AU - Al Sadhan, Tina
AU - Park, Joon
PY - 2015
Y1 - 2015
N2 - Cyber infrastructures are constantly under siege by attackers attempting to exploit vulnerabilities. Despite efforts and significant resources expended to protect cyber systems, attackers continue to launch attacks and compromise information systems. Attacks often go unnoticed, or security professionals are unable to fully determine the extent of the compromise at the time of attack. Therefore, an earlier awareness and remediation of a security condition can narrow the window of opportunity for an adversary to attack. Considering the large scale of cyber infrastructure, the use of technology in security operations is a critical component for cyber defense. In this research, as part of technology-enabled security operation, we analyze the information security continuous monitoring mechanisms and discuss how to leverage them more effectively with extension for cyber defense. In particular, we focus on security controls, security automation, security data, risk scoring, security measurement and situational awareness. Based on our analyses, we will compare the tradeoffs, discuss the challenges for improvements, and present the future strategies for information security continuous monitoring.
KW - Cyber security
KW - Information security continuous monitoring
KW - Risk management
KW - Security automation
UR - http://www.scopus.com/inward/record.url?scp=84969234369&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84969234369&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84969234369
T3 - Proceedings of the 10th International Conference on Cyber Warfare and Security, ICCWS 2015
SP - 401
EP - 408
BT - Proceedings of the 10th International Conference on Cyber Warfare and Security, ICCWS 2015
A2 - Zaaiman, Jannie
A2 - Leenen, Louise
PB - Academic Conferences Limited
T2 - 10th International Conference on Cyber Warfare and Security, ICCWS 2015
Y2 - 24 March 2015 through 25 March 2015
ER -