


Report of the COI into the Cyber Attack on SingHealth 10 Jan 2019




COI Report – Part VII
Page 250 of 425

37.1 Identify gaps in the cyber stack by mapping layers of the IT stack against existing security technologies
722. The “cyber stack” is a construct that conveys the notion that IT security must be an integrated set of solutions. No fixed or universally accepted definition of the “cyber stack” is available, but it can be understood as the layers of security technology that an organisation puts in place to form an integrated defence to cyber attacks, by providing prevention, detection and response capabilities to an organisation.[52] The IT stack is a hierarchical framework for computing, where network infrastructure and endpoints[53] provide a foundation, with various layers of software and applications on top. Mapping the cyber stack, and the capability provided by security technologies, against the IT stack, provides a framework for gaining greater visibility of the extent to which existing technologies address risks, and allows for gaps in coverage to be identified. This is illustrated in the following figure.


[52] The completeness of the cyber stack is necessary but not sufficient for effective defense. The organisation must have the appropriate expertise and intelligence to effectively operate the cyber stack.
[53] The term endpoint as used in this Recommendation refers to both end-user workstations and servers.




Figure 14: Mapping of IT stack against cyber stack

Applications
    Prevention: Intrusion Detection / Prevention Systems, Web Application Firewalls, Application Penetration Testing, Patch & Configuration Management
    Detection: Intrusion Detection / Prevention Systems, Access Log Alerts
    Response: Backups and Disaster Recovery Processes, Application Remediation

Endpoints
    Prevention: Antivirus, Anti-Malware, Host-Based Firewalls, Application Whitelisting, Patch & Configuration Management
    Detection: Antivirus, Anti-Malware, Advanced Threat Protection Network, Email, Host Based Intrusion Detection, Endpoint Detection and Response (EDR)
    Response: Backups and Disaster Recovery Processes for Critical Systems, Endpoint Forensics, Endpoint Detection and Response (EDR)

Network
    Prevention: Firewalls, Intrusion Prevention / Detection Systems, Web Proxy, Network Traffic Analysis, Patch & Configuration Management
    Detection: Security Information & Event Management, Intrusion Detection / Prevention Systems, Web Proxy, Network Traffic Analysis, Data Analytics, Threat Intelligence, Honeypots
    Response: Disaster Recovery Processes for Critical Networks, Network Forensics
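The mapping exercise described in paragraph 722 can be run as a simple coverage check. The following is an added example, not part of the COI Report: it treats Figure 14 as a reference matrix and compares it with an inventory of deployed technologies per IT-stack layer. The inventory `DEPLOYED`, the `ALIASES` table and the function names are assumptions made for illustration.

```python
# Figure 14 transcribed as "layer | capability | technologies", names as printed in the figure.
FIGURE_14 = """
Applications | Prevention | Intrusion Detection / Prevention Systems, Web Application Firewalls, Application Penetration Testing, Patch & Configuration Management
Applications | Detection | Intrusion Detection / Prevention Systems, Access Log Alerts
Applications | Response | Backups and Disaster Recovery Processes, Application Remediation
Endpoints | Prevention | Antivirus, Anti-Malware, Host-Based Firewalls, Application Whitelisting, Patch & Configuration Management
Endpoints | Detection | Antivirus, Anti-Malware, Advanced Threat Protection Network, Email, Host Based Intrusion Detection, Endpoint Detection and Response (EDR)
Endpoints | Response | Backups and Disaster Recovery Processes for Critical Systems, Endpoint Forensics, Endpoint Detection and Response (EDR)
Network | Prevention | Firewalls, Intrusion Prevention / Detection Systems, Web Proxy, Network Traffic Analysis, Patch & Configuration Management
Network | Detection | Security Information & Event Management, Intrusion Detection / Prevention Systems, Web Proxy, Network Traffic Analysis, Data Analytics, Threat Intelligence, Honeypots
Network | Response | Disaster Recovery Processes for Critical Networks, Network Forensics
"""

# Constructed sample inventory (assumption): technology -> IT-stack layers where it is deployed.
DEPLOYED = {
    "Firewalls": {"Network"}, "Web Proxy": {"Network"},
    "Intrusion Detection / Prevention Systems": {"Network"},
    "Antivirus": {"Endpoints"}, "Anti-Malware": {"Endpoints"},
    "Patch & Configuration Management": {"Endpoints", "Applications"},
    "Backups and Disaster Recovery Processes": {"Applications"},
    "Data Loss Prevention": {"Endpoints"},  # constructed entry, not in Figure 14
}
# Figure 14 prints the same technology under two word orders; treat them as one.
ALIASES = {"intrusion prevention / detection systems": "intrusion detection / prevention systems"}

def norm(name):
    key = " ".join(name.lower().split())
    return ALIASES.get(key, key)

def parse_matrix(text):
    rows = (tuple(p.strip() for p in line.split("|")) for line in text.strip().splitlines())
    return {(layer, cap): [t.strip() for t in techs.split(",")] for layer, cap, techs in rows}

def gap_report(matrix, deployed):
    # A technology only counts for a cell if it is deployed on that cell's layer.
    have = {(norm(t), layer) for t, layers in deployed.items() for layer in layers}
    report = {}
    for (layer, cap), techs in matrix.items():
        missing = [t for t in techs if (norm(t), layer) not in have]
        report[(layer, cap)] = {"covered": len(techs) - len(missing), "missing": missing}
    known = {norm(t) for techs in matrix.values() for t in techs}
    unmapped = sorted(t for t in deployed if norm(t) not in known)  # tools with no place in the matrix
    empty = sorted(cell for cell, r in report.items() if r["covered"] == 0)
    return report, empty, unmapped

if __name__ == "__main__":
    report, empty, unmapped = gap_report(parse_matrix(FIGURE_14), DEPLOYED)
    print("cells with no coverage:", empty)
    print("deployed but not placed in the matrix:", unmapped)
```

A cell with full coverage here only shows that the technologies are present; as footnote 52 notes, operating them effectively is a separate question.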


