You're reading from Information Security Handbook Enhance your proficiency in information security program development

Product type Paperback

Published in Oct 2023

Publisher Packt

ISBN-13 9781837632701

Length 370 pages

Edition 2nd Edition

Concepts

Information Security

Author (1):

Darren Death

View More author details

Table of Contents (16) Chapters

Preface

1. Chapter 1: Information and Data Security Fundamentals

2. Chapter 2: Defining the Threat Landscape FREE CHAPTER

3. Chapter 3: Laying a Foundation for Information and Data Security

4. Chapter 4: Information Security Risk Management

5. Chapter 5: Developing Your Information and Data Security Plan

6. Chapter 6: Continuous Testing and Monitoring

7. Chapter 7: Business Continuity/Disaster Recovery Planning

8. Chapter 8: Incident Response Planning

9. Chapter 9: Developing a Security Operations Center

10. Chapter 10: Developing an Information Security Architecture Program

11. Chapter 11: Cloud Security Considerations

12. Chapter 12: Zero Trust Architecture in Information Security

13. Chapter 13: Third-Party and Supply Chain Security

14. Index

Why subscribe?

15. Other Books You May Enjoy

Continuous monitoring

The concept of continuous monitoring stems from the understanding that an information system, if left unchecked, will gradually develop vulnerabilities that can be exploited. While IT and information security teams may excel in developing, securing, and testing a new information system, these efforts only capture a snapshot in time and can quickly become outdated. As new patches are released, and new exploit techniques emerge, information systems must be updated to address these evolving threats.

Continuous monitoring operates within the operations and maintenance phase of the SDLC. A continuous monitoring program should be established within an organization to ensure that security controls relating to people, processes, and technology are effectively monitored and continue to provide a robust defense against the ever-changing information security threat landscape.