A critical, but often overlooked Information Security Management activity is the requirement to proactively and continuously monitor the quality and effectiveness of a security implementation. The Security Officer needs to be able to regularly provide this assurance to "Management". Waiting until issues are discovered and reported by "auditors" can be disastrous for Management's trust in their security controls and, worse, the credibility of the Security Officer ... not a good place to be.
This is an update of a user presentation at the previous SHARE conference in Orlando. Stay ahead of your auditors! The speaker will discuss how to go beyond event monitoring and achieve a broader monitoring of overall security status. He will show how to:
- Monitor and report on undesired or unexpected settings, permissions, protection
- Track changes related to custom or add on solutions
- Focus on the relevant and critical events to monitor and
- Home in on the "needles in the haystack" that may represent issues with security quality and effectiveness