Advanced Platform For Corporate Incident Detection And Management

Abstract

Today companies face a growing number of threats that undermine the integrity of their business and information. Most threats arise from the heavy dependence of services on information technology and from the high flexibility of IT infrastructures, which poses problems in terms of potential misuse. Information leakage is one of the most sensitive instances of corporate incidents entailing a criminal intention. Nevertheless, other causes can be ascribed to inadequate protection of critical information, i.e. a lack of policy enforcement or a poor classification system. The end goal is to achieve an information infrastructure that ensures the availability of critical information while guaranteeing its integrity through a suitable Information Lifecycle Management strategy. However, such policies rely heavily on technological infrastructures and need to be supported by ad hoc tools. Hence, since it is not always possible to ensure accurate operations on the entire infrastructure, it is vital that organizations are able to monitor and manage incidents, cyber attacks and fraud against themselves and their clients through an integrated platform. An adequate unified control system will, on the one hand, gather incident alarms from both internal and external sources (directories, black lists, etc.) as well as through probes and peripheral agents and, on the other hand, monitor traffic on a parametric basis. This platform will provide an environment that supports the operator during the whole process of case management.

Cite this paper

@inproceedings{Ghioni2004AdvancedPF, title={Advanced Platform For Corporate Incident Detection And Management}, author={Fabio Ghioni}, booktitle={ISSA}, year={2004} }