NIST Seeks Feedback on Continuous Monitoring Tech, User Auditing

The NIST National Cybersecurity Center of Excellence (NCCoE) is seeking industry feedback on their new project description discussing successful continuous monitoring capabilities able to automatically and efficiently detect when a malicious actor gains access to an organization’s IT infrastructure

The proposed project will explore continuous monitoring capabilities through the collection of appropriate log data from the IT infrastructure, along with how continuous monitoring tech can be used to automate reporting and analysis of log data, which can alert the IT or security teams with actionable data and guidance to inform decisions around shoring up the detected issue.

The provided feedback will also help NCCoE create a NIST Cybersecurity Practice Guide, which will include a reference architecture and a fully implemented example solution, as well as a guide with practical steps organizations will need to successfully implement the continuous monitoring tool.

Using a vendor- and technology-agnostic approach, the guide will also outline a commercial and open-source product integration based on the reference architecture and conforming to cybersecurity standards and best practices.

Read more at: Health IT Security