Leveraging information security continuous monitoring for cyber defense

Tina Al Sadhan; Joon S Park

Leveraging information security continuous monitoring for cyber defense

Tina Al Sadhan, Joon S Park

School of Information Studies

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Scopus citations

Abstract

Cyber infrastructures are constantly under siege by attackers attempting to exploit vulnerabilities. Despite efforts and significant resources expended to protect cyber systems, attackers continue to launch attacks and compromise information systems. Attacks often go unnoticed or security professionals are unable to fully determine the extent of the compromise at the time of attack. Therefore, an earlier awareness and remediation of a security condition can narrow the window of opportunity for an adversary to attack. Considering the large scale of cyber infrastructure, the use of technology in security operations is a critical component for cyber defense. In this research, as part of technology enabled security operation, we analyze the information security continuous monitoring mechanisms and discuss how to leverage them more effectively with extension for cyber defense. In particular, we focus on security controls, security automation, security data, risk scoring, security measurement and situational awareness. Based on our analyses, we will compare the tradeoffs, discuss the challenges for improvements, and present the future strategies for information security continuous monitoring.

Original language	English (US)
Title of host publication	Proceedings of the 10th International Conference on Cyber Warfare and Security, ICCWS 2015
Publisher	Academic Conferences Limited
Pages	401-408
Number of pages	8
ISBN (Print)	9781910309964
State	Published - 2015
Event	10th International Conference on Cyber Warfare and Security, ICCWS 2015 - , South Africa Duration: Mar 24 2015 → Mar 25 2015

Other

Other	10th International Conference on Cyber Warfare and Security, ICCWS 2015
Country	South Africa
Period	3/24/15 → 3/25/15

Keywords

Cyber security
Information security continuous monitoring
Risk management
Security automation

ASJC Scopus subject areas

Computer Networks and Communications
Safety, Risk, Reliability and Quality
Computer Science Applications

Fingerprint Dive into the research topics of 'Leveraging information security continuous monitoring for cyber defense'. Together they form a unique fingerprint.

Cite this

@inproceedings{9d76b9c3aafb492c8e00dc9df4c6ee2d,

title = "Leveraging information security continuous monitoring for cyber defense",

abstract = "Cyber infrastructures are constantly under siege by attackers attempting to exploit vulnerabilities. Despite efforts and significant resources expended to protect cyber systems, attackers continue to launch attacks and compromise information systems. Attacks often go unnoticed or security professionals are unable to fully determine the extent of the compromise at the time of attack. Therefore, an earlier awareness and remediation of a security condition can narrow the window of opportunity for an adversary to attack. Considering the large scale of cyber infrastructure, the use of technology in security operations is a critical component for cyber defense. In this research, as part of technology enabled security operation, we analyze the information security continuous monitoring mechanisms and discuss how to leverage them more effectively with extension for cyber defense. In particular, we focus on security controls, security automation, security data, risk scoring, security measurement and situational awareness. Based on our analyses, we will compare the tradeoffs, discuss the challenges for improvements, and present the future strategies for information security continuous monitoring.",

keywords = "Cyber security, Information security continuous monitoring, Risk management, Security automation",

author = "{Al Sadhan}, Tina and Park, {Joon S}",

year = "2015",

language = "English (US)",

isbn = "9781910309964",

pages = "401--408",

booktitle = "Proceedings of the 10th International Conference on Cyber Warfare and Security, ICCWS 2015",

publisher = "Academic Conferences Limited",

note = "10th International Conference on Cyber Warfare and Security, ICCWS 2015 ; Conference date: 24-03-2015 Through 25-03-2015",

}

TY - GEN

T1 - Leveraging information security continuous monitoring for cyber defense

AU - Al Sadhan, Tina

AU - Park, Joon S

PY - 2015

Y1 - 2015

N2 - Cyber infrastructures are constantly under siege by attackers attempting to exploit vulnerabilities. Despite efforts and significant resources expended to protect cyber systems, attackers continue to launch attacks and compromise information systems. Attacks often go unnoticed or security professionals are unable to fully determine the extent of the compromise at the time of attack. Therefore, an earlier awareness and remediation of a security condition can narrow the window of opportunity for an adversary to attack. Considering the large scale of cyber infrastructure, the use of technology in security operations is a critical component for cyber defense. In this research, as part of technology enabled security operation, we analyze the information security continuous monitoring mechanisms and discuss how to leverage them more effectively with extension for cyber defense. In particular, we focus on security controls, security automation, security data, risk scoring, security measurement and situational awareness. Based on our analyses, we will compare the tradeoffs, discuss the challenges for improvements, and present the future strategies for information security continuous monitoring.

AB - Cyber infrastructures are constantly under siege by attackers attempting to exploit vulnerabilities. Despite efforts and significant resources expended to protect cyber systems, attackers continue to launch attacks and compromise information systems. Attacks often go unnoticed or security professionals are unable to fully determine the extent of the compromise at the time of attack. Therefore, an earlier awareness and remediation of a security condition can narrow the window of opportunity for an adversary to attack. Considering the large scale of cyber infrastructure, the use of technology in security operations is a critical component for cyber defense. In this research, as part of technology enabled security operation, we analyze the information security continuous monitoring mechanisms and discuss how to leverage them more effectively with extension for cyber defense. In particular, we focus on security controls, security automation, security data, risk scoring, security measurement and situational awareness. Based on our analyses, we will compare the tradeoffs, discuss the challenges for improvements, and present the future strategies for information security continuous monitoring.

KW - Cyber security

KW - Information security continuous monitoring

KW - Risk management

KW - Security automation

UR - http://www.scopus.com/inward/record.url?scp=84969234369&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84969234369&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:84969234369

SN - 9781910309964

SP - 401

EP - 408

BT - Proceedings of the 10th International Conference on Cyber Warfare and Security, ICCWS 2015

PB - Academic Conferences Limited

T2 - 10th International Conference on Cyber Warfare and Security, ICCWS 2015

Y2 - 24 March 2015 through 25 March 2015

ER -