Leveraging information security continuous monitoring for cyber defense

Tina Al Sadhan, Joon Park

Research output: Chapter in Book/Entry/Poem › Conference contribution

5 Scopus citations

Abstract

Cyber infrastructures are constantly under siege by attackers attempting to exploit vulnerabilities. Despite efforts and significant resources expended to protect cyber systems, attackers continue to launch attacks and compromise information systems. Attacks often go unnoticed or security professionals are unable to fully determine the extent of the compromise at the time of attack. Therefore, an earlier awareness and remediation of a security condition can narrow the window of opportunity for an adversary to attack. Considering the large scale of cyber infrastructure, the use of technology in security operations is a critical component for cyber defense. In this research, as part of technology enabled security operation, we analyze the information security continuous monitoring mechanisms and discuss how to leverage them more effectively with extension for cyber defense. In particular, we focus on security controls, security automation, security data, risk scoring, security measurement and situational awareness. Based on our analyses, we will compare the tradeoffs, discuss the challenges for improvements, and present the future strategies for information security continuous monitoring.

Original language: English (US)
Title of host publication: Proceedings of the 10th International Conference on Cyber Warfare and Security, ICCWS 2015
Editors: Jannie Zaaiman, Louise Leenen
Publisher: Academic Conferences Limited
Pages: 401-408
Number of pages: 8
ISBN (Electronic): 9781910309964
State: Published - 2015
Event: 10th International Conference on Cyber Warfare and Security, ICCWS 2015 - , South Africa
Duration: Mar 24 2015 → Mar 25 2015

Publication series

Name: Proceedings of the 10th International Conference on Cyber Warfare and Security, ICCWS 2015

Other

Other: 10th International Conference on Cyber Warfare and Security, ICCWS 2015
Country/Territory: South Africa
Period: 3/24/15 → 3/25/15

Keywords

  • Cyber security
  • Information security continuous monitoring
  • Risk management
  • Security automation

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Computer Science Applications
