Improving Security Operations in Government

The National Cyber Security Centre (NCSC) provides practical measures to help UK government bodies meet their Protective Monitoring needs. This guidance, which evolved from the former CESG Good Practice Guide No 13 (GPG13), covers logging, monitoring and security operations. NCSC’s guidance is aimed at helping UK government departments, agencies, critical national infrastructure and public sector supply chains protect their information and systems. It also has relevance for local government and the wider public sector.

UK Government organisations and agencies have clear responsibilities concerning the safe-keeping of information and the IT security of their systems. The guidance can be found on the NCSC site.

How to improve Protective Monitoring

Our compliance guide to the established GPG13 standard shows how Huntsman Security’s Enterprise SIEM helps UK government organisations meet the aims of the NCSC by:

  • Combining requirements like security audits, forensic analysis and rule-based intrusion detection with advanced real-time behaviour anomaly detection
  • Managing, storing, analysing and reporting on logs and events within defined time scales
  • Monitoring and identifying suspicious activity, human or IT, across an IT network

Achieving GPG13 Compliance

Our GPG13 Compliance Guide covers the following key concepts:

  • Government security requirements for protective monitoring
  • Real-time security threat detection for users, network, databases, applications and communications
  • Behaviour anomaly detection, baselining normal activity and detecting suspicious activity
  • Compliance and IT security policy monitoring and risk management
  • Forensics analysis, audit and investigations

Security Operations & Management

More recent guidance has focused on the wider process objectives such as logging, threat detection and incident handling. In some of the finer detail, this guidance echoes the requirements of GPG13 with regard to protective monitoring.

Huntsman Security’s Enterprise SIEM can form the basis of a security operations centre that follows this ethos.
