Enterprise security management requires a broad-based approach to monitoring, reporting and task management to achieve an effective level of security.

A comprehensive approach will include:

  • Aggregation – the collection of event notifications from many different end systems and specialist tools
  • Correlation – the capability to relate any number of aggregated events and infer a result
  • Task management – the ability to create and manage incident investigation and management tasks – most likely through integration with a trouble ticket system
  • Metrics – the ability to provide flexible and meaningful results which may be used to identify activity
  • Reporting – the capability to interrogate application logs and archives to provide both management reports and technical analysis reports.

This approach to security management provides oversight of the whole of an organisation’s technical infrastructure.

HM Government have a specialist set of Protective Monitoring requirements, principally encompassed within IM22. Our team of CLAS consultants has a great deal of experience in the architecture, design, implementation, accreditation and operational management of large-scale Protective Monitoring solutions.