Improved Situational Awareness
Situational awareness is key to an effective security program. Awareness of threats, both natural disasters and human motivated, allows for efficient allocation of resources and effective implementation of controls. Awareness of vulnerabilities aids in the prioritization of remediation efforts, and awareness of security events triggers appropriate and timely response actions.
Strategies in this category will help the state better understand its risks and threats and promptly respond to adverse events. They also give the state a more effective measure of its risk posture with rigorous performance metrics.
12. Detect Security Anomalies Faster
Security operations – the day-to-day activities of monitoring, auditing, and responding to events – involves correlating vast amounts of information and collaborating with numerous teams. For state government to perform these operations well, data must be available and accurate, tools must be tuned and integrated, and processes must be tested and continuously matured. The continued increase in state IT complexity and 24-hour operation of state systems further increases the need for more effective security operations.
This strategy includes eleven specific desired outcomes.
13. Improve Our Understanding of the IT Environment
There is an old adage in the cybersecurity field; you cannot secure what you do not understand. Defining security controls in a world of quickly morphing threats is challenging, particularly in extremely complex and highly diverse environments. This strategy will help the state security program gain a more comprehensive understanding of the business systems that it now supports, including the hardware and software underlying each system.
This strategy includes five specific desired outcomes.