Information Security Surveillance
The more I read and learn about the health care domain, and especially the public health arena, the more I find similarities between public health and information security. Take the following example from the CDC web site:
Public Health Surveillance has been defined as the ongoing, systematic collection, analysis, and interpretation of data (e.g., regarding agent/hazard, risk factor, exposure, health event) essential to the planning, implementation, and evaluation of public health practice, closely integrated with the timely dissemination of these data to those responsible for prevention and control. -- Source: http://www.cdc.gov/ncphi/disss/nndss/phs/overview.htm
Sounds familiar? This is exactly what corporate security folks do all day! We have people systematically watching our systems and networks, and we make sure that the things they find on them are analyzed and appropriate actions are taken.
In public health care, a surveillance system provides an epidemiologist with eyes and ears on the ground. That is something we, as information security professionals, also need. We need to partner with our helpdesks to detect deviations from the normal call patterns. We need to partner with our field support techs to make sure that they tell us about policy violations they may encounter, and we need to team up with the physical security teams to make sure that proper access controls and intrusion detection systems (as in: motion sensors, break-in alarms, etc.) are in place AND are being monitored.
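As an added illustration (not part of the original post), here is one way to watch helpdesk call patterns for deviations: a moving-baseline check of the kind used for aberration detection in disease surveillance. The 7-day window, the 3-standard-deviation threshold, the function name and the call counts are all assumptions constructed for this example.

```python
from statistics import mean, stdev

BASELINE_DAYS = 7   # assumed window: the 7 days before the day being scored
THRESHOLD = 3.0     # assumed alert level, in standard deviations above baseline
MIN_SD = 1.0        # floor so a perfectly flat baseline does not alert on noise


def flag_aberrations(daily_counts, baseline_days=BASELINE_DAYS,
                     threshold=THRESHOLD):
    """Return (day_index, count, score) for days far above the moving baseline."""
    alerts = []
    for day in range(baseline_days, len(daily_counts)):
        baseline = daily_counts[day - baseline_days:day]
        mu = mean(baseline)
        sd = max(stdev(baseline), MIN_SD)
        score = (daily_counts[day] - mu) / sd
        if score > threshold:
            alerts.append((day, daily_counts[day], round(score, 2)))
    return alerts


# Constructed sample: password-reset calls to the helpdesk per day.
# Days 9 and 10 are a simulated surge (for example, after a phishing wave).
RESET_CALLS = [12, 14, 11, 13, 15, 12, 13, 14, 12, 41, 38, 13]

if __name__ == "__main__":
    for day, count, score in flag_aberrations(RESET_CALLS):
        print(f"day {day}: {count} calls, {score} SD above the 7-day baseline")
    # Only day 9 is flagged. Day 10 (38 calls) is missed because day 9 is
    # already inside its baseline and inflates the standard deviation, so
    # treat the first alert as the trigger to investigate, not the full extent.
```

The same check can be pointed at any daily count the security team receives from its partners, such as policy violations reported by field technicians or door alarms logged by physical security.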
Start building your information security surveillance system!
It is time we start stepping up our game and improve the way that we learn from other domains. Epidemiology has been around for a while, and they do a lot of cool stuff.