Home » Featured

Protective Monitoring Solutions

A protective monitoring solution essentially requires you to invest in a Security Information & Event Management Solution (SIEM). Most SIEM tools will be able to implement a successful Protective Monitoring solution, however there are some considerations that should be taken in to account, as described below: * Does your SIEM have built in reports and alerts for GPG 13 While not compulsory, if your SIEM does not have these out-of-the-box, then you will need to recreate them manually, which will require a level of professional services for... 
 

Executive Summary

What is GPG13 and how do I get GPG13 compliance? Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. Essentially, a Protective Monitoring solution will provide visibility and an understanding of who is accessing your organisations sensitive data. Implementation of protective monitoring solutions are recommended in a number of regulatory and industry best practices, such as PCI DSS , Cyber Security and SOX. While... 
 

What are CESG Recording Profiles?

Each of the Protective Monitoring Controls has an obligation to record specific information. The level of audit and accounting requirements will depend on the specific Recording Profile of the data. Within GPG13 there are four Recording Profiles, which roughly map to the to the HMG Information Assurance Standard no.1 Segmentation Model. The Segmentation Model has four hierarchical segments; Aware, Deter, Detect and Resist and Defend. The lowest segmentation level is Aware. At this level the organisation has an obligation to be Aware of public domain... 
 






© 2006-2017 Protective Monitoring – GPG13.