Select regional store:

Cyber Resilience Framework 2: Identify and Detect

Framework 2

The second element of IT Governance’s Cyber Resilience Framework focuses on monitoring your organization’s information and information systems for anomalies.

It should cover:

  • Security monitoring 

    Your organization’s systems, networks, and security measures should be continually observed and logged, both through automated means and through less frequent activities such as vulnerability scanning and penetration testing. Any identified anomalies and weaknesses should be acted upon. 

  • Active detection 

    Your organization should also actively seek to detect incidents (for example, by manually reviewing audit logs and gathering intelligence from outside the organization). Measures should be put in place to help detect malicious activity that might otherwise be difficult to identify.

The extent to which you implement these measures will depend on your own environment and compliance requirements.

This website uses cookies. View our cookie policy