File Integrity Monitoring NON STOP FILE INTEGRITY MONITORING

A new whitepaper released by the World Economic Forum Future of Digital Economy and Society System Initiative intends to help boards understand the cyber risks they are facing in 2017.

The report claimed that “organizations do not feel equipped with the tools to manage cyber risks with the same level of confidence that they manage other risks, and the emerging leading practices have not yet become part of the standards set of board competencies.”

The guide claims that moving forward two things are required: a significant increase in organizations adopting, sharing, and iterating leading security practices, and cross-sectoral collaboration in order to develop new practices that require dealing with unique attributes of managing cyber risks of physical assets.


The whitepaper proposes Ten Board Principles for Cyber Resilience:

  1. Responsibility for Cyber Resilience- the entire board takes ultimate responsibility for oversight of cyber risk and resilience
  2. Command of the Subject- board members receive cyber resilience orientation upon onboarding and are regularly updated on the latest threats and trends
  3. Accountable Officer- the board must have certain there is one corporate officer accountable for reporting the organization’s capability to manager cyber resilience and progress in implementing cyber resilience goals
  4. Integration of Cyber Resilience- board ensures that management integrated cyber resilience and cyber risk assessments into the overall business strategy and into enterprise wise risk management
  5. Risk Appetite- board annually defines and quantifies business risk tolerance relative to cyber resilience, and ensures that this is consistent with corporate strategy and risk appetite
  6. Risk Assessment and Reporting- board holds management accountable for reporting a quantified and understandable assessment of cyber risks, threats and events as a standing agenda item during board meetings
  7. Resilience Plans- support for the officer accountable for cyber resilience by the creation, implementation, testing and ongoing improvement of cyber resilience plans
  8. Community- encourages management to collaborate with other stakeholders in order to ensure systemic cyber resilience
  9. Review- conduct a formal, independent cyber resilience review of the organization annually
  10. Effectiveness- review performance in the implementation of these principles

 

The purpose of this whitepaper is to “provide boards with a framework and set of tools to smoothly integrate cyber risk and resilience into business strategies, and so that their companies can innovate and grow securely and sustainably.”

Richard Samans with the World Economic Forum claims, “I’ve been saying for a number of years that information risk must be elevated to a board-level issue and given the same attention afforded to other risk management practices. Organizations face a daunting array of challenges interconnected with cyber security: the insatiable appetite for speed and agility, the growing dependence on complex supply chains, and the rapid emergence of new technologies.”


 

Implementing File Integrity Monitoring to Your Layered Security Approach

In order to detect potentially significant changes to system files and protect systems from malware, it is essential to not just simply run a comparison of the file system once per day as has traditionally been the approach, but to provide an alert within seconds of a significant file change occurring.

The best File Integrity Monitoring technology will also now identify who made the change, detailing the account name and process used to make changes, crucial for forensically investigating security breaches. It is good to know that a potential breach has occurred but even better if you can establish who and how the change was made.

 

Read this report on Info-Security Magazine

 

 

 

 

NNT Products
USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
email [email protected]
UK Office
New Net Technologies LLC
Rivers Lodge
West Common
Harpenden
Hertfordshire
AL5 2JN

Tel: 01582 287310
email [email protected]
Connect
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500 Sans Institute
Copyright 2017, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.