Continuous monitoring (DE.CM)
It should be possible to monitor all IT resources within the environment. Not only does this include the need to monitor the resources and configuration drift but also the need to monitor the security and integrity of the resources. This can include monitoring for system anomalies, file integrity checking, and monitoring of log files.
This monitoring should be all-encompassing, meaning we are monitoring more than just the network. We are monitoring systems, servers, appliances, and the software running on the device. We can look at user behavior, data loss prevention, and third-party vendors.
DE.CM-01
Chances are, you have wireless set up in your environment, but is it protected? Are you using some type of authentication when your users try to authenticate to the network? Are you detecting rogue access points to protect your network from unauthorized access? This...
