Often, security tools provide a way to set alert policies when something potentially dangerous happens in an organization's environment. For example, Microsoft 365 has built-in alert policies to alert you to abuse of administrator privileges, malware, potential internal and external risks, and data security risks.
The organization must identify security-related events in data systems and the environments in which they operate. To respond to changes related to these events, alarm policies must be created.
Alarm policies need to be actively monitored and modified based on experience.
The operation of information systems may depend on certain key resources, such as server capacity, file storage capacity, data processing capacity, monitoring capacity or certain key persons.
In particular, some of these resources may have long delivery times or high costs in certain situations, in which case special attention must be paid to future capacity problems with them.
We monitor the use of key system resources and identify trends, potential security bottlenecks and dependencies on important people.
The organization should Implement measures to secure the organization’s critical systems from Denial-of-Service (DoS) attacks, or at least limit their impact. These could include: