TY - GEN
T1 - Leveraging Information Security Continuous Monitoring to Enhance Cybersecurity
AU - Alsadhan, Tina
AU - Park, Joon S.
N1 - Publisher Copyright:
© 2021 IEEE.
PY - 2021
Y1 - 2021
N2 - Cyber attacks against U.S. Federal information systems are relentless and increasingly sophisticated. The probability for grave damage continues to escalate despite the efforts and significant resources expended. The detection, analysis, and prioritization of cybersecurity vulnerabilities, threats, and the status of the effectiveness of cybersecurity protection measures is needed within minutes to reduce or eliminate compromise and the associated debilitating consequences. Information Security Continuous Monitoring (ISCM) leverages technology to evolve from compliance-focused cybersecurity to data-driven risk management. ISCM enables real-time or near-real-time cyber situational awareness to be responsive to the explosive rates of vulnerabilities, persistent threats, and determined enemies. Despite the promises of ISCM, Federal government agencies continue to face challenges in achieving effective ISCM. Therefore, as part of our ongoing research, in this paper we discuss the need for ISCM and its current status, analyze its challenges for cybersecurity, and propose the future strategies to leverage ISCM for cybersecurity.
AB - Cyber attacks against U.S. Federal information systems are relentless and increasingly sophisticated. The probability for grave damage continues to escalate despite the efforts and significant resources expended. The detection, analysis, and prioritization of cybersecurity vulnerabilities, threats, and the status of the effectiveness of cybersecurity protection measures is needed within minutes to reduce or eliminate compromise and the associated debilitating consequences. Information Security Continuous Monitoring (ISCM) leverages technology to evolve from compliance-focused cybersecurity to data-driven risk management. ISCM enables real-time or near-real-time cyber situational awareness to be responsive to the explosive rates of vulnerabilities, persistent threats, and determined enemies. Despite the promises of ISCM, Federal government agencies continue to face challenges in achieving effective ISCM. Therefore, as part of our ongoing research, in this paper we discuss the need for ISCM and its current status, analyze its challenges for cybersecurity, and propose the future strategies to leverage ISCM for cybersecurity.
KW - ISCM
KW - continuous diagnostics and mitigation
KW - continuous monitoring
KW - cybersecurity
UR - http://www.scopus.com/inward/record.url?scp=85133932124&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85133932124&partnerID=8YFLogxK
U2 - 10.1109/CSCI54926.2021.00189
DO - 10.1109/CSCI54926.2021.00189
M3 - Conference contribution
AN - SCOPUS:85133932124
T3 - Proceedings - 2021 International Conference on Computational Science and Computational Intelligence, CSCI 2021
SP - 753
EP - 759
BT - Proceedings - 2021 International Conference on Computational Science and Computational Intelligence, CSCI 2021
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2021 International Conference on Computational Science and Computational Intelligence, CSCI 2021
Y2 - 15 December 2021 through 17 December 2021
ER -