Description

This is a segment in our ongoing series on cyber risks. Part one of this segment about “Cyber Risk Assessments – Identifying Threats” delved into the detection phase of a cyber risk assessment. We evaluated important elements to consider when determining how to stay abreast of impending threats and what organizations should do to detect those threats including evaluating anomalies, instilling continuous monitoring tactics and dedicated detection methods.

This is the second part of the two-part series. This segment focuses on the types of Information Technology (IT) assets to consider when establishing detection processes, the concept of applied security and additional considerations for continuous monitoring and forensic analysis. We also look briefly at incident response – which is covered in greater detail in the segment on “Cyber Security Risk Assessment – Recover from Breaches”.

Training for all programs related to cyber security by this trainer are utilizing the framework of the National Institute of Standards and Technology (NIST) as a model. This information is freely available in the public domain. For more detailed information on the framework please refer to NIST.org.