Sunday, May 17, 2015

Security monitoring: how, why, where, who, when ...

Introduction to this blog

How can I manage my team, my IT ... to do the job?
Why do security monitoring?
Where do I start my project? Where will it end?
Who can do the job, inside or outside my company? Who will be involved?
When should I monitor my company? Once a week, once a day, business hours, 24/24?

Lots of questions, with different answers depending on your needs, your budget and your team!

This blog is here to share with you some of my thoughts around these questions about monitoring and more(*). I will try to give some clues here, but do not rely on a single read to make up your mind. Read others, discuss with specialists, try, retry and never give up.

Every company has its own needs and its own maturity level. Unfortunately, there is no "perfect" answer. Filling in a spreadsheet or a survey won't give you the "big plan" to follow. You will still need a human brain to choose the best plan and follow IT (<= yes, follow it, follow your IT; we will discuss this later). And this plan should be renewed as needed.

(*) Monitoring is just part of the job. You need some steps beforehand to help monitoring (such as hardening) and you will have other steps afterwards (such as incident response time). These themes fall into the "more" family of this blog, and family means nobody gets left behind or forgotten! Ohana ;-)
