Abstract
Cyber infrastructures are constantly under siege by attackers attempting to exploit vulnerabilities. Despite efforts and significant resources expended to protect cyber systems, attackers continue to launch attacks and compromise information systems. Attacks often go unnoticed or security professionals are unable to fully determine the extent of the compromise at the time of attack. Therefore, an earlier awareness and remediation of a security condition can narrow the window of opportunity for an adversary to attack. Considering the large scale of cyber infrastructure, the use of technology in security operations is a critical component for cyber defense. In this research, as part of technology enabled security operation, we analyze the information security continuous monitoring mechanisms and discuss how to leverage them more effectively with extension for cyber defense. In particular, we focus on security controls, security automation, security data, risk scoring, security measurement and situational awareness. Based on our analyses, we will compare the tradeoffs, discuss the challenges for improvements, and present the future strategies for information security continuous monitoring.
Original language | English (US) |
---|---|
Title of host publication | Proceedings of the 10th International Conference on Cyber Warfare and Security, ICCWS 2015 |
Publisher | Academic Conferences Limited |
Pages | 401-408 |
Number of pages | 8 |
ISBN (Print) | 9781910309964 |
State | Published - 2015 |
Event | 10th International Conference on Cyber Warfare and Security, ICCWS 2015 - , South Africa Duration: Mar 24 2015 → Mar 25 2015 |
Other
Other | 10th International Conference on Cyber Warfare and Security, ICCWS 2015 |
---|---|
Country | South Africa |
Period | 3/24/15 → 3/25/15 |
Keywords
- Cyber security
- Information security continuous monitoring
- Risk management
- Security automation
ASJC Scopus subject areas
- Computer Networks and Communications
- Safety, Risk, Reliability and Quality
- Computer Science Applications