August 31, 2016

Security Continuous Monitoring (DE.CM)

Objectives of Security Continuous Monitoring

The information system and assets are monitored at discrete intervals to identify cybersecurity events and verify the effectiveness of protective measures

  • DE.CM-1: The network is monitored to detect potential cybersecurity events
  • DE.CM-2: The physical environment is monitored to detect potential cybersecurity events
  • DE.CM-3: Personnel activity is monitored to detect potential cybersecurity events
  • DE.CM-4: Malicious code is detected
  • DE.CM-5: Unauthorized mobile code is detected
  • DE.CM-6: External service provider activity is monitored to detect potential cybersecurity events
  • DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software is performed
  • DE.CM-8: Vulnerability scans are performed