compliance controls are associated with this Policy definition 'Use automated mechanisms for security alerts' (b8689b2e-4308-a58b-a0b4-6f3343a000df)
| Control Domain |
Control |
Name |
MetadataId |
Category |
Title |
Owner |
Requirements |
Description |
Info |
Policy# |
| CIS_Azure_Foundations_v2.1.0 |
2.1.18 |
CIS_Azure_Foundations_v2.1.0_2.1.18 |
CIS Azure Foundations v2.1.0 2.1.18 |
Security Monitoring |
Ensure 'Additional email addresses' is Configured with a Security Contact Email |
Shared |
n/a |
Ensure that a security contact email is set up for alerts and notifications. |
|
3 |
| CIS_Azure_Foundations_v2.1.0 |
2.1.19 |
CIS_Azure_Foundations_v2.1.0_2.1.19 |
CIS Azure Foundations v2.1.0 2.1.19 |
Security Monitoring |
Ensure That 'Notify about alerts with the following severity' is Set to 'High' |
Shared |
n/a |
Configure alert notifications to be sent for high-severity issues only. |
|
3 |
| CIS_Controls_v8.1 |
13.11 |
CIS_Controls_v8.1_13.11 |
CIS Controls v8.1 13.11 |
Network Monitoring and Defense |
Tune security event alerting thresholds |
Shared |
Tune security event alerting thresholds monthly, or more frequently.
|
To regularly adjust and optimize security event alerting thresholds, aiming to enhance effectiveness. |
|
49 |
| CIS_Controls_v8.1 |
17.2 |
CIS_Controls_v8.1_17.2 |
CIS Controls v8.1 17.2 |
Incident Response Management |
Establish and maintain contact information for reporting security incidents |
Shared |
1. Establish and maintain contact information for parties that need to be informed of security incidents.
2. Contacts may include internal staff, third-party vendors, law enforcement, cyber insurance providers, relevant government agencies, Information Sharing and Analysis Center (ISAC) partners, or other stakeholders.
3. Verify contacts annually to ensure that information is up-to-date. |
To establish and maintain a comprehensive contact list for entities that need to be notified in the event of security incidents. |
|
3 |
| CIS_Controls_v8.1 |
4.1 |
CIS_Controls_v8.1_4.1 |
CIS Controls v8.1 4.1 |
Secure Configuration of Enterprise Assets and Software |
Establish and maintain a secure configuration process. |
Shared |
1. Establish and maintain a secure configuration process for enterprise assets (end-user devices, including portable and mobile; non-computing/IoT devices; and servers) and software (operating systems and applications).
2. Review and update documentation annually, or when significant enterprise changes occur that could impact this safeguard. |
To ensure data integrity and safety of enterprise assets. |
|
44 |
| FedRAMP_High_R4 |
SI-5(1) |
FedRAMP_High_R4_SI-5(1) |
FedRAMP High SI-5 (1) |
System And Information Integrity |
Automated Alerts And Advisories |
Shared |
n/a |
The organization employs automated mechanisms to make security alert and advisory information available throughout the organization.
Supplemental Guidance: The significant number of changes to organizational information systems and the environments in which those systems operate requires the dissemination of security-related information to a variety of organizational entities that have a direct interest in the success of organizational missions and business functions. Based on the information provided by the security alerts and advisories, changes may be required at one or more of the three tiers related to the management of information security risk including the governance level, mission/business process/enterprise architecture level, and the information system level. |
link |
1 |
| hipaa |
1523.11c3Organizational.24-11.c |
hipaa-1523.11c3Organizational.24-11.c |
1523.11c3Organizational.24-11.c |
15 Incident Management |
1523.11c3Organizational.24-11.c 11.02 Management of Information Security Incidents and Improvements |
Shared |
n/a |
Incidents are promptly reported to the appropriate authorities and outside parties (e.g., FedCIRC, CERT/CC). |
|
4 |
| NIST_SP_800-53_R4 |
SI-5(1) |
NIST_SP_800-53_R4_SI-5(1) |
NIST SP 800-53 Rev. 4 SI-5 (1) |
System And Information Integrity |
Automated Alerts And Advisories |
Shared |
n/a |
The organization employs automated mechanisms to make security alert and advisory information available throughout the organization.
Supplemental Guidance: The significant number of changes to organizational information systems and the environments in which those systems operate requires the dissemination of security-related information to a variety of organizational entities that have a direct interest in the success of organizational missions and business functions. Based on the information provided by the security alerts and advisories, changes may be required at one or more of the three tiers related to the management of information security risk including the governance level, mission/business process/enterprise architecture level, and the information system level. |
link |
1 |
| NIST_SP_800-53_R5 |
SI-5(1) |
NIST_SP_800-53_R5_SI-5(1) |
NIST SP 800-53 Rev. 5 SI-5 (1) |
System and Information Integrity |
Automated Alerts and Advisories |
Shared |
n/a |
Broadcast security alert and advisory information throughout the organization using [Assignment: organization-defined automated mechanisms]. |
link |
1 |
| SWIFT_CSCF_v2022 |
2.2 |
SWIFT_CSCF_v2022_2.2 |
SWIFT CSCF v2022 2.2 |
2. Reduce Attack Surface and Vulnerabilities |
Minimise the occurrence of known technical vulnerabilities on operator PCs and within the local SWIFT infrastructure by ensuring vendor support, applying mandatory software updates, and applying timely security updates aligned to the assessed risk. |
Shared |
n/a |
All hardware and software inside the secure zone and on operator PCs are within the support life cycle of the vendor, have been upgraded with mandatory software updates, and have had security updates promptly applied. |
link |
9 |