Information Security Analysis and Monitoring

Two main areas are addressed in Information Security Analysis and Monitoring. The Analysis phase determines the Vulnerabilities, Security Exposures and the Attack Vector against the Enterprise. Monitoring is a continuous process in which all critical systems, including upstream and downstream systems, are monitored and the logs are collated to a central system.

Your biggest threat is internal. External threat actors use internal resources to compromise from afar. – SACS

Lower Your Attack Surface:

  • Active and Passive Security Analysis
  • Big Data Logging and Analysis
  • Efficient & Effective Security Controls
  • Post Review Threat Notification

Security threats evolve continuously, and the saying ‘You do not know what you do not know’ is the crux of the threat matrix. The best approach is to monitor all key points in the network, identify any new unknown device and perform a threat analysis as soon as possible. This will improve the organisation's Security Stance.

  • Internal Threats
  • Syndication Threats
  • External Threats
  • Natural Disasters
  • Syndicate
  • Staff

One of the patterns we have seen in frauds is syndicates getting involved with staff and using staff as the conduit to commit the technical steps. Staff could be approached to share in the takings, or staff with financial, gambling, substance abuse or family problems may be leveraged.

Current Process

Our Security Monitoring is not limited to the technical attributes of the system, such as network devices and logon events, but also covers social profiles and user behavior. Disparate data is collated to an intelligent server which can handle different protocols and services and is highly scalable. Many of these services can be housed in appliances, with critical notifications monitored via a multitude of devices. This can be done by your staff or by sending notifications over secure encrypted tunnels to our Secure Operations Centre (SOC).

You can never outsource security, but you can co-source it. Make sure that all areas are covered and that there is a continuous process of knowledge transfer and development of your own staff.

  • TCP and UDP scalable services
  • REST Services
  • Store-and-forward ensuring delivery
  • Security-as-a-Service (SaaS)

Technology is not the only solution; what matters is the interaction and collation of information to realize the threats against your enterprise assets and resources. It is better to have some monitoring in place and take small steps towards a final solution. Do not wait for fraud to be the reason to put a solution together.