A framework based on continuous security monitoring

Ertürk, Volkan
Continuous security monitoring is the process of tracking IT systems by collecting measurements and then reporting and analyzing the results, so that the organization's security level can be compared along a continuous time axis to see how organizational security progresses over time. The related literature contains very limited work on continuously monitoring the security of organizations. In this thesis, a continuous security monitoring framework based on security metrics is proposed. Moreover, to decrease the burden of implementation, a software tool called SecMon is introduced. The implementation of the framework in a public organization shows that the proposed system is successful in building an organizational memory and in giving security stakeholders insight into the IT security level of the organization.


A Conceptual Model for a Metric Based Framework for the Monitoring of Information Security Tasks’ Efficiency
Sönmez, Ferda Özdemir (Elsevier BV; 2019)
Information Security Governance Systems are not adequate to measure the effectiveness and efficiency of security tasks for enterprises. Although some of the systems offer ways for measurement, they still need the definition of measurement objectives and metrics. This study proposes a conceptual framework model which has human and tool/process related metrics. This system also allows the collection of evidence data for security-related tasks and ways to motivate the security staff to provide a more produc...
A Decision Support System for Optimal Selection of Enterprise Information Security Preventative Actions
Sonmez, Ferda Ozdemir; Günel Kılıç, Banu (2021-09-01)
The types and complexity of information security related vulnerabilities are growing rapidly and present numerous challenges to enterprises. One of the key challenges is to identify the optimal set of precautions with a limited budget. Despite the fact that the majority of enterprises have a budget constraint for installing and maintaining protection systems, the majority of the previous work focuses only on prioritization of security targets and does not consider the preventative actions and budget constraints. ...
A workflow system through cooperating agents for control and document flow over the internet
Doğaç, Asuman; Tambag, Y; Tumer, A; Ezbiderli, M; Tatbul, N; Hamali, N; Icdem, C; Beeri, C (2000-01-01)
In this paper we describe an architecture that provides for automating and monitoring the flow of control and document over the Internet among different organizations, thereby creating a platform necessary to describe higher order processes involving several organizations and companies. The higher order process is designed through a graphical user interface and is executed through cooperating agents that are automatically initialized at each site that the process executes. Agents handle the activities at t...
A process based model for measuring process quality attributes
Guceglioglu, AS; Demirörs, Onur (2005-01-01)
Organizations frequently use product based organizational performance models to measure the effects of information systems (IS) on their organizations. This paper introduces a complementary process based approach that is founded on measuring business process quality attributes. These quality attributes are defined on the basis of the ISO/IEC 9126 Software Product Quality Model. The new process quality attributes are applied in an experiment and the results are discussed in the paper.
An automated tool for information security management system
Erkan, Ahmet; Arifoğlu, Ali; Department of Information Systems (2006)
This thesis focuses on the automation of the processes of an Information Security Management System. In accordance with two International Standards, ISO/IEC 27001:2005 and ISO/IEC 17799:2005, automating the activities required for a documented ISMS as much as possible helps organizations. Some of the well-known tools in this scope are analyzed, and a comparative study of them, including “InfoSec Toolkit”, which is developed for this purpose in the thesis scope, is given. “InfoSec Toolkit” is based on ISO/IEC 27001:2005...
Citation Formats
V. Ertürk, “A framework based on continuous security monitoring,” M.S. - Master of Science, Middle East Technical University, 2008.