01/12/2021 12.E.1.

Managed Detection & Response

• As previously noted, it is possible to automate the EDR system response to many, but not all, of the alerts generated by endpoints
• To ensure that all alerts are responded to appropriately, the EDR system must be actively monitored
• IRC IT staff considered three options for monitoring the EDR system:
1. Monitor the EDR system with IRC IT staff
2. Managed Detection and Response (MDR) through a professional services supplier
3. MDR & prepaid cyber Incident Response (IR) through a professional services supplier
• The options above are presented in order of risk reduction, with option #1 carrying the most risk and option #3 the least
• They are ordered in a good, better, best format

MDR Options

• Option #1 - using the IRC IT staff to monitor the EDR system is the option that carries the most residual risk, as the IRC IT staff is not staffed to provide 24 x 7 monitoring support and does not specialize in cyber incident detection and response
• Option #2 - using an MDR service through a supplier reduces this risk by providing 24 x 7 monitoring and response provided by cyber security professionals that perform this function daily and as such are intimately familiar with current and evolving cyber-attack techniques
• Option #3 - using an MDR supplier to perform monitoring & detection and prepaying for cyber incident response (IR) support has the added benefit of having a cyber incident response team available to support immediately upon detection of a cyber breach, rather than having to contract that support after detection.
• Cyber incident mitigation is a time-critical activity, and having IR support already in place provides the most risk reduction to the County.