Detect
In Chapter 5, we learned about the Protect function. In that chapter, we discovered ways to prove an identity. This includes not only proofing these identities in person but also ensuring that the method of authentication is commensurate with the level of risk the organization is willing to take. While a username and password combination used to be good enough for authentication purposes, it no longer is.
We also discussed ways of protecting your data. This includes data that is stored on disks, transferred in flight, or used by the system. To adequately protect your data, we must look at the use of encryption to safeguard against attacks such as man-in-the-middle or memory scraping.
Lastly, we touched on building resiliency requirements for your systems. There should be service-level agreements between IT and the business to ensure that business requirements are being met. If a system goes down, and it is critical to the business, how long will it take to get it back...
