Description

This is a segment in our ongoing series on cyber risks.  In this session we begin to delve into the detection phase of a cyber risk assessment.  

Once assets are identified, the National Institute of Standards and Technology (NIST) framework suggests organizations then protect those assets. The next element is to detect threats against those assets.  Some may correlate this to the “Monitoring” phase of the Committee of Sponsoring Organizations (COSO) internal control framework, but there is much more involved in detection than simple monitoring.

In this segment we discuss important elements to consider when determining how to stay abreast of impending threats and what organizations should do to detect those threats. We also discuss the types of Information Technology (IT) assets you should consider when establishing your detection processes.  Our discussion on the detect phase is divided into two separate courses.  This is course one.

Training for all programs related to cyber security by this trainer are utilizing the framework of the National Institute of Standards and Technology (NIST) as a model. This information is freely available in the public domain. For more detailed information on the framework please refer to NIST.org.