Real-time Monitoring your Organization Against Threats Webinar 2014
conferences > Information Technology conferences > Real-time Monitoring your Organization Against Threats Webinar
17 July, 2014
Palm Beach FL , USA
Overview: Monitoring traffic is crucial and is often mandatory (e.g.: NERCii). Filtering and blocking malicious traffics is often optional, but I usually suggest IPS to detect and block threats in incoming/outgoing traffics from boundaries of critical perimeters (e.g.: Internet to Intranet, Intranet to critical perimeter gateways), but never in electronic security perimeters (ESP) where blocking valid traffics could lead to various operational disaster scenarios. Real-time monitoring of firewalls and other security sensors is required to rapidly detect and initiate response to cyber incidents.
Security and Compliance involve by default: exception, justification and compensatory measures. In all organizations, there are situations where it is considered more secured with reason to not apply any changes to a specific system (ex.: a HSM bank system remain usually unchanged, mainframes and Unix systems are other examples, especially in industrial organizations (ex.: in the energy sector, Technical Feasibility Exceptions (TFE) can justify the exemption of running a protective control such as an anti-malware or applying any update like system or firmware update, etc.).
Security and Compliance involve by default: exception, justification and compensatory measures. In all organizations, there are situations where it is considered more secured with reason to not apply any changes to a specific system (ex.: a HSM bank system remain usually unchanged, mainframes and Unix systems are other examples, especially in industrial organizations (ex.: in the energy sector, Technical Feasibility Exceptions (TFE) can justify the exemption of running a protective control such as an anti-malware or applying any update like system or firmware update, etc.).
none
