by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : June 2013
QWhen it comes to aggregating and analyzing security data, how do agencies strike the right balance between being comprehensive and not getting overwhelmed? AI rarely hear complaints from staff that they are monitoring "too much" data. The complaints are more about "too many reports" being sent to too many people and becom- ing noise. "Too many reports" complaints generally come from not tailoring reports and views to the different roles that people have. Collecting lots of data is valuable to the IT professionals who need access to lots of data for their jobs. To be comprehensive without overwhelming staff it s essential to select tools that can collect all the necessary information but display different views to different people with easy to set up role-based reports, dashboards and alerts. The right tools can be set up to collect once, report many -- and deliver the right reports and alerts to the right person, with links to additional details provided. Selecting tools that are easy to use and require very little training is also essential to striking this balance and to avoid overwhelming staff with in depth training. QIn what ways does continuous monitoring support a risk management approach to cybersecurity? And how can a risk management approach shape a continuous monitoring strategy? AContinuous monitoring is an essential component of a risk management approach to cybersecurity in two ways. First, new threats are constantly being discovered and what is 100 percent covered today might not be covered tomorrow. Understanding your current risk is critical. By continuously monitoring your infrastructure for known vulnerabilities you are able to detect new vulnerabilities quickly and nd a way to mitigate them and keep up with this new, rapid pace of constant cyberattacks. Second, no IT system is ever left unchanged. As users and IT operations make changes they can inadvertently or deliberately expose well-known vulnerabilities that had been previously patched, xed or mitigated. With continuous monitoring you can uncover these issues quickly. Risk management has an additional set of requirements beyond those covered by continuous monitoring strategy to consider--to report on security issues when they happen so they can be immediately addressed. The continuous monitoring tools ideally need to address more than just operational concerns, but also some amount of risk management and vulnerability detection. And the requirements of risk management should be factored into continuous monitoring process development and tool selection. QTo what extent can continuous monitoring help agencies go beyond simply responding to problems and actually help them anticipate and mitigate future threats? AOps has leveraged continuous monitoring tools for years to help them proactively identify problems before they impact users. IA can leverage the signi cant experience and investment that ops typically has in monitoring by identifying dual- use capabilities and using them appropriately to be proactive. When IA is able to identify vulnerabilities on a daily basis through continuous monitoring, they can prioritize the problems and drive resolution on the most important issues, as well as detect and mitigate critical vulnerabilities much earlier. Additionally, IT operations needs to maintain an accurate and up-to-date change management system for optimal ef ciency and to make it possible to revert easily to prior con gurations when necessary. If information security isn t part of that process, evaluating each change for its impact on security posture, new vulnerabilities can go undetected. Dual-use tools that collect information for both performance and security needs eliminate the potential for communications errors, and speeds network threat detection.