Project #55802 - Continuous Monitoring

Assignment Overview

Continuous monitoring is a critical part of risk mangement process. "Continuous monitoring is ongoing observance with intent to provide warning. A continuous monitoring capability is the ongoing observance and analysis of the operational states of systems to provide decision support regarding situational awareness and deviations from expectations." —Source: Keith Willett (MITRE) in support of the NSA.

"Information Security Continuous Monitoring (ISCM) is defined as maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions." —NIST.

Organizations should establish, implement, and maintain ISCM. ISCM should be a recursive process as its monitoring strategy is continually refined so that ISCM is a robut system. Tiered organization-wide ISCM framework and dynamic ISCM processes are proposed by the National Institute of Standards and Technology. Please scan through the important framework and processes in the following article. Its Appendix D "Technologies for Enabling ISCM" provides some technical and managerial details and examples.

NIST (2011). Information Security -- Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations. National Institute of Standards and Technology Special Publication 800-137.

Additional reference models are also provided and extended to go more in depth both technically and managerially. Please investigate the CAESARS model below and its extension.

DHS (2011). Continuous Asset Evaluation, Situational Awareness, and Risk Scoring Reference Architecture Report (CAESARS). Department of Homeland Security.

Mell, P. (2011) Presentation: An Enterprise Continuous Monitoring Technical Reference Model. Jointly developed by the U.S. National Security Agency, the U.S. Department of Homeland Security, and the National Institute of Standards and Technology.

After reading the above artilces, please write a 3-5 page paper titled:

"Information Security Continuous Monitoring—Challenges and Solutions"

Please address the following issues in your paper:

  1. The importance of continuous monitoring of information systems
  2. The technical and managerial challenges of continuous monitoring
  3. The technical and managerial solutions to continous monitoring, including framework, processes, etc.
  4. The challenges and solutions to risk assessments that are particularly interestng to you

Assignment Expectations (50 points total)

Length: Minimum 3–5 pages excluding cover page and references (since a page is about 300 words, this is approximately 900–1,500 words).

Assignment-driven criteria (25 points): Demonstrates clear understanding of the subject and addresses all key elements of the assignment.

Critical thinking (10 points): Demonstrates mastery conceptualizing the problem. Shows analysis, synthesis, and evaluation of required material.

Scholarly writing (5 points): Demonstrates writing proficiency at the academic level of the course; addresses the Learning Outcomes of the assignment.

Quality of references (4 points) and assignment organization (3 points): Uses relevant and credible sources to support assertions. Assignment is well organized and follows the structure of a well-written paper.

Citing sources (3 points): Uses in-text citations and properly formats references in APA style.

Subject Computer
Due By (Pacific Time) 02/09/2015 12:00 am
Report DMCA
TutorRating
pallavi

Chat Now!

out of 1971 reviews
More..
amosmm

Chat Now!

out of 766 reviews
More..
PhyzKyd

Chat Now!

out of 1164 reviews
More..
rajdeep77

Chat Now!

out of 721 reviews
More..
sctys

Chat Now!

out of 1600 reviews
More..
sharadgreen

Chat Now!

out of 770 reviews
More..
topnotcher

Chat Now!

out of 766 reviews
More..
XXXIAO

Chat Now!

out of 680 reviews
More..
All Rights Reserved. Copyright by AceMyHW.com - Copyright Policy