Content library
Security systems and logging
Monitoring the use of the network and information systems to identify anomalies
Technical cyber security
Security systems and logging

Monitoring the use of the network and information systems to identify anomalies

Start free trial

Task description

Monitoring the use of the network and information systems to identify anomalies

Organization's data systems and network must be monitored to detect abnormal use. When anomalities are detected, the organization must take the necessary measures to assess the possibility of security incident.

The monitoring should utilize tools that enable real-time or regular monitoring, taking into account the organization's requirements. Monitoring practices should be able to manage large amounts of data, adapt to changing threat environment, and send alerts immediately when necessary.

Inclusion of the following sources in the monitoring system should be considered:

  • outbound and inbound network and data system traffic

    li>

  • access to critical data systems, servers, network devices and the monitoring system itself
  • critical system and network configuration files
  • logs from security tools (e.g. antivirus, IDS, IPS, network filters, firewalls)

Organization must also establish procedures for identifying and correcting "false positive" results, including tuning monitoring software for more accurate anomaly detection.

Requirements connected to the task

13.6: Collect Network Traffic Flow Logs
CIS 18 controls
13.7: Prioritering af forbindelser og tjenester ved kapacitetsproblemer
Cybersikkerhedsloven (Danmark)
19.2.k: Traċċabbiltà u reġistrazzjoni tas-sistemi tal-informazzjoni
Avviż Legali 71 tal-2025 (Malta)
29: Agrās brīdināšanas sensori
Nacionālās kiberdrošības likums (Latvia)
3.2.3: Decide which parts of the ICT system to monitor
NSM ICT Security Principles (Norway)
3.2.4: Decide which data is security-relevant and should be collected
NSM ICT Security Principles (Norway)
3.3.2: Establish and maintain expertise on the desired state of the organisation’s information systems
NSM ICT Security Principles (Norway)
3.3.3: Select tools that support manual and automated searches including criteria based alerts
NSM ICT Security Principles (Norway)
31: Besondere Anforderungen an die Risikomanagementmaßnahmen von Betreibern kritischer Anlagen
NIS2-Umsetzungs- und Cybersicherheitsstärkungsgesetz (Deutschland)
4.2.1: Review log data and collect relevant data on the incident to create a good basis for making decisions
NSM ICT Security Principles (Norway)

Other tasks from the same security theme

Task name
Priority
Policy
Other requirements
Documentation of system logs for self-maintained data systems
Critical
High
Normal
Low
Security systems and logging
45
requirements

Examples of other requirements this task affects

Članak 30.1.b (logs): Postupanje s incidentima, uključujući njihovo praćenje, evidentiranje i prijavljivanje
NIS2 Croatia
9.9a §: Poikkeamien havainnointi
Kyberturvallisuuslaki
5.2.4: Log management and analysis
TISAX
30 § 3.2° (détection et journaux): La gestion des incidents
NIS2 Belgium
PR.PT-1: Audit/log records are determined, documented, implemented, and reviewed in accordance with policy.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Documentation of system logs for self-maintained data systems
Collection of log data on the use of data systems
Critical
High
Normal
Low
Security systems and logging
13
requirements

Examples of other requirements this task affects

17 §: Lokitietojen kerääminen
TiHL
HAL-07.1: Seuranta ja valvonta - tietojen käyttö ja luovutukset
Julkri
TEK-12: Turvallisuuteen liittyvien tapahtumien jäljitettävyys
Julkri
TEK-12.1: Turvallisuuteen liittyvien tapahtumien jäljitettävyys - tietojen luovutukset
Julkri
49: Tietojärjestelmien lokitietojen keräys
Digiturvan kokonaiskuvapalvelu
See all related requirements and other information from tasks own page.
Go to >
Collection of log data on the use of data systems
Products are designed to reduce the impact of incidents
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

Article 13.1(.2.k): Reducing the impact of an incident
CRA
See all related requirements and other information from tasks own page.
Go to >
Products are designed to reduce the impact of incidents
Control and monitoring policy
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Control and monitoring policy
Defining measures to detect a failure of logging systems
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Defining measures to detect a failure of logging systems
Defining events that need to be logged
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Defining events that need to be logged
Application security components of leveraging vetted modules or services
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

16.11: Leverage Vetted Modules or Services for Application Security Components
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Application security components of leveraging vetted modules or services
Deploying a host-based intrusion prevention solution
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

13.7: Deploy a Host-Based Intrusion Prevention Solution
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Deploying a host-based intrusion prevention solution
Deploying a host-based intrusion detection solution
Critical
High
Normal
Low
Security systems and logging
3
requirements

Examples of other requirements this task affects

13.7: Deploy a Host-Based Intrusion Prevention Solution
CIS 18
13.2: Deploy a Host-Based Intrusion Detection Solution
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Deploying a host-based intrusion detection solution
Secure remote access integration
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

12.7: Ensure Remote Devices Utilize a VPN and are Connecting to an Enterprise’s AAA Infrastructure
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Secure remote access integration
Establishing and maintaining an isolated instance of recovery data
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

11.4: Establish and Maintain an Isolated Instance of Recovery Data
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Establishing and maintaining an isolated instance of recovery data
Disabling autorun and autoplay for removable media
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

10.3: Disable Autorun and Autoplay for Removable Media
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Disabling autorun and autoplay for removable media
Ensuring use of fully supported browsers and email clients
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

9.1: Ensure Use of Only Fully Supported Browsers and Email Clients
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Ensuring use of fully supported browsers and email clients
Collecting service provider logs
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.12: Collect Service Provider Logs
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Collecting service provider logs
Retaining audit logs
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.10: Retain Audit Logs
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Retaining audit logs
Collecting URL request audit logs on enterprise assets
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.7: Collect URL Request Audit Logs
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Collecting URL request audit logs on enterprise assets
Collecting DNS query audit logs
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.6: Collect DNS Query Audit Logs
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Collecting DNS query audit logs
Collecting detailed audit logs
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

8.5: Collect Detailed Audit Logs
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Collecting detailed audit logs
Collecting command-line audit logs
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.8: Collect Command-Line Audit Logs
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Collecting command-line audit logs
Establishing and maintaining an audit log management process
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.1: Establish and Maintain an Audit Log Management Process
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Establishing and maintaining an audit log management process
Establishing and maintaining a service account inventory
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

5.5: Establish and Maintain an Inventory of Service Accounts
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Establishing and maintaining a service account inventory
Process for securing enterprise assets and software
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

4.6: Securely Manage Enterprise Assets and Software
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Process for securing enterprise assets and software
Process for automating session locking on enterprise assets
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

4.3: Configure Automatic Session Locking on Enterprise Assets
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Process for automating session locking on enterprise assets
Make use of automated software inventory tools
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

2.4: Utilize Automated Software Inventory Tools
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Make use of automated software inventory tools
Process for using a dynamic host configuration protocol (DHCP) logging to update enterprise asset inventory
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

1.4: Use Dynamic Host Configuration Protocol (DHCP) Logging to Update Enterprise Asset Inventory
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Process for using a dynamic host configuration protocol (DHCP) logging to update enterprise asset inventory
Process for addressing unauthorized assets
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

1.2: Address Unauthorized Assets
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Process for addressing unauthorized assets
Ensuring collected data relevance
Critical
High
Normal
Low
Security systems and logging
3
requirements

Examples of other requirements this task affects

3.2.7: Review the security relevant monitoring-data regularly and, if necessary, reconfigure the monitoring
NSM ICT-SP
3.3.5: Continually assess whether the collected data is sufficiently relevant and detailed
NSM ICT-SP
§ 6-4.4: Håndtering av overvåkingsdata
Sikkerhetsloven
See all related requirements and other information from tasks own page.
Go to >
Ensuring collected data relevance
Implement SIEM as part of the ICT system
Critical
High
Normal
Low
Security systems and logging
9
requirements

Examples of other requirements this task affects

3.3.1: Create a plan for analysing data from security monitoring
NSM ICT-SP
3.3.7: Use analytics tools, technology and algorithms
NSM ICT-SP
3.3.3: Select tools that support manual and automated searches including criteria based alerts
NSM ICT-SP
29: Agrās brīdināšanas sensori
NIS2 Latvia
31: Centralizēta aizsardzība pret pakalpojumatteices kiberuzbrukumiem
NIS2 Latvia
See all related requirements and other information from tasks own page.
Go to >
Implement SIEM as part of the ICT system
Determine a strategy and guidelines for security monitoring
Critical
High
Normal
Low
Security systems and logging
3
requirements

Examples of other requirements this task affects

3.2.2: Comply with laws, regulations and the organisation’s guidelines on security monitoring
NSM ICT-SP
3.2.1: Determine a strategy and guidelines for security monitoring
NSM ICT-SP
19.2.k: Traċċabbiltà u reġistrazzjoni tas-sistemi tal-informazzjoni
NIS2 Malta
See all related requirements and other information from tasks own page.
Go to >
Determine a strategy and guidelines for security monitoring
Ensuring collected data relevance
Critical
High
Normal
Low
Security systems and logging
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Ensuring collected data relevance
Logging and review of admin and security logs
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

3.2.4: Decide which data is security-relevant and should be collected
NSM ICT-SP
3.14: Log Sensitive Data Access
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Logging and review of admin and security logs
Implement standardized log format
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

3.2.5: Verify that the monitoring is working as intended
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Implement standardized log format
Review process for event logs
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

5.2.4: Log management and analysis
TISAX
See all related requirements and other information from tasks own page.
Go to >
Review process for event logs
Deployment and regular analysis of security system logs
Critical
High
Normal
Low
Security systems and logging
39
requirements

Examples of other requirements this task affects

9.1.2: Access to networks and network services
ISO 27001
12.4.1: Event logging
ISO 27001
PR.PT-1: Audit/log records
NIST
RS.AN-1: Notifications from detection systems
NIST
8.15: Logging
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Deployment and regular analysis of security system logs
Definition and monitoring of alarm policies
Critical
High
Normal
Low
Security systems and logging
43
requirements

Examples of other requirements this task affects

Članak 30.1.b (logs): Postupanje s incidentima, uključujući njihovo praćenje, evidentiranje i prijavljivanje
NIS2 Croatia
9.9a §: Poikkeamien havainnointi
Kyberturvallisuuslaki
30 § 3.2° (détection et journaux): La gestion des incidents
NIS2 Belgium
3.3.6: Establish a procedure for escalating alerts
NSM ICT-SP
PR.DS-4: Adequate capacity to ensure availability is maintained.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Definition and monitoring of alarm policies
Data system log review
Critical
High
Normal
Low
Security systems and logging
48
requirements

Examples of other requirements this task affects

Članak 30.1.b (logs): Postupanje s incidentima, uključujući njihovo praćenje, evidentiranje i prijavljivanje
NIS2 Croatia
9.9a §: Poikkeamien havainnointi
Kyberturvallisuuslaki
5.2.4: Log management and analysis
TISAX
30 § 3.2° (détection et journaux): La gestion des incidents
NIS2 Belgium
4.2.1: Review log data and collect relevant data on the incident to create a good basis for making decisions
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Data system log review
Protecting log information
Critical
High
Normal
Low
Security systems and logging
15
requirements

Examples of other requirements this task affects

12.4.2: Protection of log information
ISO 27001
6.6.1: Tietoturvan ja tietosuojan seuranta ja valvonta
Omavalvontasuunnitelma
TEK-12: Turvallisuuteen liittyvien tapahtumien jäljitettävyys
Julkri
8.15: Logging
ISO 27001
3.2.1: Determine a strategy and guidelines for security monitoring
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Protecting log information
Lokitietojen suojaaminen (ST III-II)
Critical
High
Normal
Low
Security systems and logging
0
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Lokitietojen suojaaminen (ST III-II)
Management process for preventing log editing
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Management process for preventing log editing
Clock synchronization
Critical
High
Normal
Low
Security systems and logging
8
requirements

Examples of other requirements this task affects

12.4.4: Clock synchronisation
ISO 27001
8.17: Clock synchronization
ISO 27001
PR.PT-1: Audit/log records are determined, documented, implemented, and reviewed in accordance with policy.
CyberFundamentals
2.3.9: Synchronize time across devices and use trusted time sources
NSM ICT-SP
3.2.6: Prevent manipulation of monitoring-data
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Clock synchronization
Identifying and reacting to logging errors in protection systems logs
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

19.2.k: Traċċabbiltà u reġistrazzjoni tas-sistemi tal-informazzjoni
NIS2 Malta
See all related requirements and other information from tasks own page.
Go to >
Identifying and reacting to logging errors in protection systems logs
Monitoring of cloud-based data systems
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

CLD 12.4: Logging and monitoring
ISO 27017
CLD 12.4.5: Monitoring of Cloud Services
ISO 27017
See all related requirements and other information from tasks own page.
Go to >
Monitoring of cloud-based data systems
Lokitietojen keräämiseen liittyvien vaatimusten tunnistaminen ja lokitietojen riittävyys
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

HAL-07.1: Seuranta ja valvonta - tietojen käyttö ja luovutukset
Julkri
4.6: Lokitietojen kerääminen
TiHL tietoturvavaatimukset
See all related requirements and other information from tasks own page.
Go to >
Lokitietojen keräämiseen liittyvien vaatimusten tunnistaminen ja lokitietojen riittävyys
Turvalliset toimintatavat tiedon sisääntuontiin ja ulosvientiin järjestelmistä (TL III)
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

TEK-11.2: Haittaohjelmilta suojautuminen - TL III
Julkri
See all related requirements and other information from tasks own page.
Go to >
Turvalliset toimintatavat tiedon sisääntuontiin ja ulosvientiin järjestelmistä (TL III)
Turvalliset toimintatavat tiedon sisääntuontiin ja ulosvientiin järjestelmistä (TL II)
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

TEK-11.3: Haittaohjelmilta suojautuminen - TL II
Julkri
See all related requirements and other information from tasks own page.
Go to >
Turvalliset toimintatavat tiedon sisääntuontiin ja ulosvientiin järjestelmistä (TL II)
Turvallisuusluokitellun tiedon käsittelyn lokitus ja lokitietojen säilytys (TL III)
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

TEK-12.2: Turvallisuuteen liittyvien tapahtumien jäljitettävyys - TL III
Julkri
I-10: MONITASOINEN SUOJAAMINEN – TURVALLISUUTEEN LIITTYVIEN TAPAHTUMIEN JÄLJITETTÄVYYS
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Turvallisuusluokitellun tiedon käsittelyn lokitus ja lokitietojen säilytys (TL III)
Turvallisuusluokitellun tiedon käsittelyn lokitus ja lokitietojen säilytys (TL I)
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

TEK-12.3: Turvallisuuteen liittyvien tapahtumien jäljitettävyys - TL I
Julkri
I-10: MONITASOINEN SUOJAAMINEN – TURVALLISUUTEEN LIITTYVIEN TAPAHTUMIEN JÄLJITETTÄVYYS
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Turvallisuusluokitellun tiedon käsittelyn lokitus ja lokitietojen säilytys (TL I)
Poikkeamien havainnoinnin ja toipumisen lisävaatimukset (TL IV)
Critical
High
Normal
Low
Security systems and logging
3
requirements

Examples of other requirements this task affects

TEK-13.2: Poikkeamien havainnointikyky ja toipuminen
Julkri
I-10: MONITASOINEN SUOJAAMINEN – TURVALLISUUTEEN LIITTYVIEN TAPAHTUMIEN JÄLJITETTÄVYYS
Katakri 2020
I-11: MONITASOINEN SUOJAAMINEN – POIKKEAMIEN HAVAINNOINTIKYKY JA TOIPUMINEN
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Poikkeamien havainnoinnin ja toipumisen lisävaatimukset (TL IV)
Tietojenkäsittely-ympäristön käyttäjien tehostettu seuranta (TL I)
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

TEK-13.3: Poikkeamien havainnointikyky ja toipuminen - TL I
Julkri
See all related requirements and other information from tasks own page.
Go to >
Tietojenkäsittely-ympäristön käyttäjien tehostettu seuranta (TL I)
Determining the baseline for network and data system usage for monitoring purposes
Critical
High
Normal
Low
Security systems and logging
11
requirements

Examples of other requirements this task affects

8.16: Monitoring activities
ISO 27001
I-11: MONITASOINEN SUOJAAMINEN – POIKKEAMIEN HAVAINNOINTIKYKY JA TOIPUMINEN
Katakri 2020
Article 10: Detection
DORA
DE.AE-1: A baseline of network operations and expected data flows for users and systems is established and managed.
CyberFundamentals
3.3.1: Create a plan for analysing data from security monitoring
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Determining the baseline for network and data system usage for monitoring purposes
Collection of logs from all assets
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.2: Collect Audit Logs
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Collection of logs from all assets
Archiving and signing logs at regular intervals
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

3.2.6: Prevent manipulation of monitoring-data
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Archiving and signing logs at regular intervals
Training own IT-personnel for security system usage
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

7.2.2: Information security awareness, education and training
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Training own IT-personnel for security system usage
Evaluating the efficiency, viability and needs for security systems
Critical
High
Normal
Low
Security systems and logging
4
requirements

Examples of other requirements this task affects

12.1.2: Change management
ISO 27001
CC6.8: Detection and prevention of unauthorized or malicious software
SOC 2
DE.DP-5: Detection processes are continuously improved.
CyberFundamentals
3.3.1: Create a plan for analysing data from security monitoring
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Evaluating the efficiency, viability and needs for security systems
Automatic log data analyzation
Critical
High
Normal
Low
Security systems and logging
46
requirements

Examples of other requirements this task affects

Članak 30.1.b (logs): Postupanje s incidentima, uključujući njihovo praćenje, evidentiranje i prijavljivanje
NIS2 Croatia
9.9a §: Poikkeamien havainnointi
Kyberturvallisuuslaki
5.2.4: Log management and analysis
TISAX
30 § 3.2° (détection et journaux): La gestion des incidents
NIS2 Belgium
2.4.4: Activate firewall on all clients and servers
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Automatic log data analyzation
Access management for files stored in the cloud
Critical
High
Normal
Low
Security systems and logging
3
requirements

Examples of other requirements this task affects

9.4.1: Information access restriction
ISO 27001
12.4.1: Event logging
ISO 27001
8.3: Information access restriction
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Access management for files stored in the cloud
Monitoring management of encryption and encryption keys
Critical
High
Normal
Low
Security systems and logging
5
requirements

Examples of other requirements this task affects

10: Cryptography
ISO 27017
10.1: Cryptographic controls
ISO 27017
10.1.2: Key management
ISO 27017
See all related requirements and other information from tasks own page.
Go to >
Monitoring management of encryption and encryption keys
Process for identifying and responding to system log faults
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

PR.DS-6: Integrity checking mechanisms are used to verify software, firmware, and information integrity.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Process for identifying and responding to system log faults
Vulnerability monitoring in used third-party or open source libraries
Critical
High
Normal
Low
Security systems and logging
8
requirements

Examples of other requirements this task affects

8.28: Secure coding
ISO 27001
ID.RA-1: Asset vulnerabilities are identified and documented.
CyberFundamentals
ID.RA-01: Asset vulnerabilities
NIST 2.0
16.5: Use Up-to-Date and Trusted Third-Party Software Components
CIS 18
Article 13.6: Vulnerabilities in third party components
CRA
See all related requirements and other information from tasks own page.
Go to >
Vulnerability monitoring in used third-party or open source libraries
Monitoring the use of the network and information systems to identify anomalies
Critical
High
Normal
Low
Security systems and logging
23
requirements

Examples of other requirements this task affects

8.16: Monitoring activities
ISO 27001
6.11: Alusta- ja verkkopalvelujen tietoturvallinen käyttö tietosuojan ja varautumisen kannalta
Tietoturvasuunnitelma
I-11: MONITASOINEN SUOJAAMINEN – POIKKEAMIEN HAVAINNOINTIKYKY JA TOIPUMINEN
Katakri 2020
5.2.3: Malware protection
TISAX
DE.CM-1: The network is monitored to detect potential cybersecurity events.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Monitoring the use of the network and information systems to identify anomalies
Information sharing related to network and data systems usage anomalies
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.16: Monitoring activities
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Information sharing related to network and data systems usage anomalies

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Get to know Cyberday
Start your free trial
Cyberday is your all-in-one solution for building a secure and compliant organization. Whether you're setting up a cyber security plan, evaluating policies, implementing tasks, or generating automated reports, Cyberday simplifies the entire process.
With AI-driven insights and a user-friendly interface, it's easier than ever to stay ahead of compliance requirements and focus on continuous improvement.
Clear framework compliance plans
Activate relevant frameworks and turn them into actionable policies tailored to your needs.
Credible reports to proof your compliance
Use guided tasks to ensure secure implementations and create professional reports with just a few clicks.
AI-powered improvement suggestions
Focus on the most impactful improvements in your compliance with help from Cyberday AI.
Effortless compliance improvement
Widest framework library in EU
Extensive support

Start your compliance journey

Use in MS Teams or use your browser with Slack integration.
Risk free trial. No credit card required. Stop at any time.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessments
Resources
AcademyWebinarsBlogHelp articlesVideo coursesContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security