From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 1 Information Security Governance
Join today to access over 23,200 courses taught by industry experts.
Collecting security process data
From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 1 Information Security Governance
Collecting security process data
- [Instructor] Security systems and processes generate large amounts of information. Buried in these massive piles of data are key pieces of information about the health of your security program. Security assessment requires collecting and analyzing that data on a regular basis. When we design security programs, we often focus primarily on the technical controls that protect the confidentiality, integrity, and availability of information. After all, these controls are usually the ones that require the greatest investment of time and resources. However, security programs can't function effectively if they don't also have solid management and operational controls, such as undergoing regular and continuous evaluations. This requires access to both technical and process data. Technical data includes the logs generated by servers, network devices, firewalls, intrusion prevention systems, access control systems, and other security…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.