Home > Resources > Whitepapers > Continuous Monitoring of Information Security

Continuous Monitoring of Information Security

Information security centers around risk management — estimating and measuring risks, defining risk avoidance strategies, controlling and mitigating risks, and reporting on risks. At the end of the risk management cycle is one critical step: monitoring security (hence, monitoring risk). Security monitoring entails examining all of an organization’s risk controls, mitigations and policies and answering one key question: Is it collectively effective at managing risk?
Over time, the information security industry has been wrenched back and forth by legislative interest in compliance. Together, the Sarbanes–Oxley Act (SOX) of 2002 and, to a lesser extent, the Health Insurance Portability and Accountability Act (HIPAA) of 1996 have completely reshaped information security monitoring

I'm For Real

Enter your details once to access all our information and resources

Spotlight

Radiflow

Radiflow is a leading provider of cyber security for critical infrastructure networks. The Radiflow solution provides operators visibility and control of their OT network; including both non-intrusive Industrial IDS to monitor real-time networks and security gateways to secure access to devices in critical zones. Radiflow was founded in 2010 as part of the RAD group, a family of ICT vendors with over $1Bn in annual revenues. Since 2012 Radiflow has sold more than 10,000 systems used by major utilities world-wide and validated by leading research labs in the US.

OTHER WHITEPAPERS
news image

X-Force Threat Intelligence Index 2022

whitePaper | September 12, 2022

The world continues to grapple with a lasting pandemic, shifts to work-from-home and back-to-office, and geopolitical changes spawning a constant drone of mistrust. All of this equates to chaos, and it is in chaos that cybercriminals thrive.

Read More
news image

Google Cloud security foundations guide

whitePaper | April 19, 2021

This guide presents an opinionated view of Google Cloud security best practices, organized to allow users to adopt or adapt them and then automatically deploy them for their estates on Google Cloud. This document can be useful to you if you are a CISO, security practitioner, risk or compliance officer.

Read More
news image

Reveal Risk Whitepaper: Measuring And Managing Cyber Resilience

whitePaper | March 3, 2023

Cyber Resilience (according to NIST) is “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.” Resiliency in cybersecurity is not a new concept. It has long been postulated as a goal or used to convey that a business needs to be ready for the unpredictable that can and will arise in a volatile cyber-risk climate. However, we have seen that there is a disconnect between current practices for evaluating & leading cyber programs, and understanding, measuring, & building true cyber resiliency.

Read More
news image

Fortinet Security Fabric Enables Digital Innovation

whitePaper | February 5, 2020

Organizations are rapidly adopting digital innovation (DI) initiatives to accelerate their businesses, reduce costs, improve efficiency, and provide better customer experiences. Common initiatives involve moving applications and workflows to the cloud, deploying Internet-of-Things (IoT) devices on the corporate network, and expanding the organization’s footprint to new branch locations. With this evolving infrastructure also come security risks. Organizations must cope with growing attack surfaces, advanced threats, increased infrastructure complexity, and an expanding regulatory landscape. To accomplish their desired DI outcomes while effectively managing risks and minimizing complexities, organizations need to adopt a cybersecurity platform that provides visibility across their environment and a means to manage both security and network operations easily.

Read More
news image

Upchain Security Whitepaper

whitePaper | October 26, 2022

Upchain is a cloud-based product data management and product lifecycle management software that offers benefits of PDM/PLM through web browsers, APIs, CAD and Microsoft Office plugins, while securely processing customer data in the cloud.

Read More
news image

Security Operations Maturity Model

whitePaper | February 20, 2020

As the threat landscape continues to evolve, your cybersecurity efforts must follow suit. With your security operations center (SOC) at the core of your offense against threats, you must ensure that it can handle anything that comes its way. To be effective, you need to mature your SOC to stop threats early — before damage occurs. Whether your SOC is a virtual team of two to three or a 24x7 operation, maturing your security operations capabilities will help you achieve a faster mean time to detect (MTTD) and mean time to respond (MTTR) to cyberthreats. This white paper explores LogRhythm’s Security Operations Maturity Model (SOMM), which explains how to measure the effectiveness of your security operations. Through the model, you can learn how to mature your security operations capabilities, improving your resilience to cyberthreats.

Read More

X-Force Threat Intelligence Index 2022

whitePaper | September 12, 2022

The world continues to grapple with a lasting pandemic, shifts to work-from-home and back-to-office, and geopolitical changes spawning a constant drone of mistrust. All of this equates to chaos, and it is in chaos that cybercriminals thrive.

Read More

Google Cloud security foundations guide

whitePaper | April 19, 2021

This guide presents an opinionated view of Google Cloud security best practices, organized to allow users to adopt or adapt them and then automatically deploy them for their estates on Google Cloud. This document can be useful to you if you are a CISO, security practitioner, risk or compliance officer.

Read More

Reveal Risk Whitepaper: Measuring And Managing Cyber Resilience

whitePaper | March 3, 2023

Cyber Resilience (according to NIST) is “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.” Resiliency in cybersecurity is not a new concept. It has long been postulated as a goal or used to convey that a business needs to be ready for the unpredictable that can and will arise in a volatile cyber-risk climate. However, we have seen that there is a disconnect between current practices for evaluating & leading cyber programs, and understanding, measuring, & building true cyber resiliency.

Read More

Fortinet Security Fabric Enables Digital Innovation

whitePaper | February 5, 2020

Organizations are rapidly adopting digital innovation (DI) initiatives to accelerate their businesses, reduce costs, improve efficiency, and provide better customer experiences. Common initiatives involve moving applications and workflows to the cloud, deploying Internet-of-Things (IoT) devices on the corporate network, and expanding the organization’s footprint to new branch locations. With this evolving infrastructure also come security risks. Organizations must cope with growing attack surfaces, advanced threats, increased infrastructure complexity, and an expanding regulatory landscape. To accomplish their desired DI outcomes while effectively managing risks and minimizing complexities, organizations need to adopt a cybersecurity platform that provides visibility across their environment and a means to manage both security and network operations easily.

Read More

Upchain Security Whitepaper

whitePaper | October 26, 2022

Upchain is a cloud-based product data management and product lifecycle management software that offers benefits of PDM/PLM through web browsers, APIs, CAD and Microsoft Office plugins, while securely processing customer data in the cloud.

Read More

Security Operations Maturity Model

whitePaper | February 20, 2020

As the threat landscape continues to evolve, your cybersecurity efforts must follow suit. With your security operations center (SOC) at the core of your offense against threats, you must ensure that it can handle anything that comes its way. To be effective, you need to mature your SOC to stop threats early — before damage occurs. Whether your SOC is a virtual team of two to three or a 24x7 operation, maturing your security operations capabilities will help you achieve a faster mean time to detect (MTTD) and mean time to respond (MTTR) to cyberthreats. This white paper explores LogRhythm’s Security Operations Maturity Model (SOMM), which explains how to measure the effectiveness of your security operations. Through the model, you can learn how to mature your security operations capabilities, improving your resilience to cyberthreats.

Read More
More Whitepapers

Spotlight

Radiflow

Radiflow is a leading provider of cyber security for critical infrastructure networks. The Radiflow solution provides operators visibility and control of their OT network; including both non-intrusive Industrial IDS to monitor real-time networks and security gateways to secure access to devices in critical zones. Radiflow was founded in 2010 as part of the RAD group, a family of ICT vendors with over $1Bn in annual revenues. Since 2012 Radiflow has sold more than 10,000 systems used by major utilities world-wide and validated by leading research labs in the US.

Events

Cyber Security World Asia

Conference