Content library
Security systems and logging
Implement SIEM as part of the ICT system
Technical cyber security
Security systems and logging

Implement SIEM as part of the ICT system

Start free trial

Task description

Implement SIEM as part of the ICT system

Organization should use tools that support both manual and automated searches, including criteria-based searches. The tool should be able to automatically collate data from different sources to more easily determine whether an incident is genuine, as well as its scope and nature.


These operations and processes can be implemented with SIEM (Security information and event management). SIEM solutions use analytics tools, technology and algorithms (e.g., newer SIEM solutions employ applied machine learning) to help detect unknown threats and abnormalities in the security-relevant data. Also SIEM solutions allow organizations to modify already existing (which usually come pre-configured) and add criteria-based alerts to match known threats. These things will help detect threats earlier.

Requirements connected to the task

13.1: Centralize Security Event Alerting
CIS 18 controls
29: Agrās brīdināšanas sensori
Nacionālās kiberdrošības likums (Latvia)
3.3.1: Create a plan for analysing data from security monitoring
NSM ICT Security Principles (Norway)
3.3.3: Select tools that support manual and automated searches including criteria based alerts
NSM ICT Security Principles (Norway)
3.3.7: Use analytics tools, technology and algorithms
NSM ICT Security Principles (Norway)
31: Centralizēta aizsardzība pret pakalpojumatteices kiberuzbrukumiem
Nacionālās kiberdrošības likums (Latvia)
31: Besondere Anforderungen an die Risikomanagementmaßnahmen von Betreibern kritischer Anlagen
NIS2-Umsetzungs- und Cybersicherheitsstärkungsgesetz (Deutschland)
8.9: Centralize Audit Logs
CIS 18 controls

Other tasks from the same security theme

Task name
Priority
Policy
Other requirements
Documentation of system logs for self-maintained data systems
Critical
High
Normal
Low
Security systems and logging
50
requirements

Examples of other requirements this task affects

12.4.1: Event logging
ISO 27001
12.4.2: Protection of log information
ISO 27001
I10: Turvallisuuteen liittyvien tapahtumien jäljitettävyys
Katakri
6.6.1: Tietoturvan ja tietosuojan seuranta ja valvonta
Omavalvontasuunnitelma
PR.PT-1: Audit/log records
NIST
See all related requirements and other information from tasks own page.
Go to >
Documentation of system logs for self-maintained data systems
Collection of log data on the use of data systems
Critical
High
Normal
Low
Security systems and logging
13
requirements

Examples of other requirements this task affects

17 §: Lokitietojen kerääminen
TiHL
HAL-07.1: Seuranta ja valvonta - tietojen käyttö ja luovutukset
Julkri
TEK-12: Turvallisuuteen liittyvien tapahtumien jäljitettävyys
Julkri
TEK-12.1: Turvallisuuteen liittyvien tapahtumien jäljitettävyys - tietojen luovutukset
Julkri
49: Tietojärjestelmien lokitietojen keräys
Digiturvan kokonaiskuvapalvelu
See all related requirements and other information from tasks own page.
Go to >
Collection of log data on the use of data systems
Products are designed to reduce the impact of incidents
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

Article 13.1(.2.k): Reducing the impact of an incident
CRA
See all related requirements and other information from tasks own page.
Go to >
Products are designed to reduce the impact of incidents
Control and monitoring policy
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Control and monitoring policy
Defining measures to detect a failure of logging systems
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Defining measures to detect a failure of logging systems
Defining events that need to be logged
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Defining events that need to be logged
Application security components of leveraging vetted modules or services
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

16.11: Leverage Vetted Modules or Services for Application Security Components
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Application security components of leveraging vetted modules or services
Deploying a host-based intrusion prevention solution
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

13.7: Deploy a Host-Based Intrusion Prevention Solution
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Deploying a host-based intrusion prevention solution
Deploying a host-based intrusion detection solution
Critical
High
Normal
Low
Security systems and logging
3
requirements

Examples of other requirements this task affects

13.2: Deploy a Host-Based Intrusion Detection Solution
CIS 18
13.7: Deploy a Host-Based Intrusion Prevention Solution
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Deploying a host-based intrusion detection solution
Secure remote access integration
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

12.7: Ensure Remote Devices Utilize a VPN and are Connecting to an Enterprise’s AAA Infrastructure
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Secure remote access integration
Establishing and maintaining an isolated instance of recovery data
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

11.4: Establish and Maintain an Isolated Instance of Recovery Data
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Establishing and maintaining an isolated instance of recovery data
Disabling autorun and autoplay for removable media
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

10.3: Disable Autorun and Autoplay for Removable Media
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Disabling autorun and autoplay for removable media
Ensuring use of fully supported browsers and email clients
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

9.1: Ensure Use of Only Fully Supported Browsers and Email Clients
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Ensuring use of fully supported browsers and email clients
Collecting service provider logs
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.12: Collect Service Provider Logs
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Collecting service provider logs
Retaining audit logs
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.10: Retain Audit Logs
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Retaining audit logs
Collecting URL request audit logs on enterprise assets
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.7: Collect URL Request Audit Logs
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Collecting URL request audit logs on enterprise assets
Collecting DNS query audit logs
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.6: Collect DNS Query Audit Logs
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Collecting DNS query audit logs
Collecting detailed audit logs
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

8.5: Collect Detailed Audit Logs
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Collecting detailed audit logs
Collecting command-line audit logs
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.8: Collect Command-Line Audit Logs
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Collecting command-line audit logs
Establishing and maintaining an audit log management process
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.1: Establish and Maintain an Audit Log Management Process
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Establishing and maintaining an audit log management process
Establishing and maintaining a service account inventory
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

5.5: Establish and Maintain an Inventory of Service Accounts
CIS 18
8.35: HLT – Zero trust-principes
NEN 7510
See all related requirements and other information from tasks own page.
Go to >
Establishing and maintaining a service account inventory
Process for securing enterprise assets and software
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

4.6: Securely Manage Enterprise Assets and Software
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Process for securing enterprise assets and software
Process for automating session locking on enterprise assets
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

4.3: Configure Automatic Session Locking on Enterprise Assets
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Process for automating session locking on enterprise assets
Make use of automated software inventory tools
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

2.4: Utilize Automated Software Inventory Tools
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Make use of automated software inventory tools
Process for using a dynamic host configuration protocol (DHCP) logging to update enterprise asset inventory
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

1.4: Use Dynamic Host Configuration Protocol (DHCP) Logging to Update Enterprise Asset Inventory
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Process for using a dynamic host configuration protocol (DHCP) logging to update enterprise asset inventory
Process for addressing unauthorized assets
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

1.2: Address Unauthorized Assets
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Process for addressing unauthorized assets
Ensuring collected data relevance
Critical
High
Normal
Low
Security systems and logging
3
requirements

Examples of other requirements this task affects

3.2.7: Review the security relevant monitoring-data regularly and, if necessary, reconfigure the monitoring
NSM ICT-SP
3.3.5: Continually assess whether the collected data is sufficiently relevant and detailed
NSM ICT-SP
§ 6-4.4: Håndtering av overvåkingsdata
Sikkerhetsloven
See all related requirements and other information from tasks own page.
Go to >
Ensuring collected data relevance
Implement SIEM as part of the ICT system
Critical
High
Normal
Low
Security systems and logging
9
requirements

Examples of other requirements this task affects

3.3.1: Create a plan for analysing data from security monitoring
NSM ICT-SP
3.3.3: Select tools that support manual and automated searches including criteria based alerts
NSM ICT-SP
3.3.7: Use analytics tools, technology and algorithms
NSM ICT-SP
8.9: Centralize Audit Logs
CIS 18
13.1: Centralize Security Event Alerting
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Implement SIEM as part of the ICT system
Determine a strategy and guidelines for security monitoring
Critical
High
Normal
Low
Security systems and logging
3
requirements

Examples of other requirements this task affects

3.2.1: Determine a strategy and guidelines for security monitoring
NSM ICT-SP
3.2.2: Comply with laws, regulations and the organisation’s guidelines on security monitoring
NSM ICT-SP
19.2.k: Information systems traceability and logging
NIS2 Malta
See all related requirements and other information from tasks own page.
Go to >
Determine a strategy and guidelines for security monitoring
Ensuring collected data relevance
Critical
High
Normal
Low
Security systems and logging
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Ensuring collected data relevance
Logging and review of admin and security logs
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

3.2.4: Decide which data is security-relevant and should be collected
NSM ICT-SP
3.14: Log Sensitive Data Access
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Logging and review of admin and security logs
Implement standardized log format
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

3.2.5: Verify that the monitoring is working as intended
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Implement standardized log format
Review process for event logs
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

5.2.4: Log management and analysis
TISAX
See all related requirements and other information from tasks own page.
Go to >
Review process for event logs
Deployment and regular analysis of security system logs
Critical
High
Normal
Low
Security systems and logging
45
requirements

Examples of other requirements this task affects

9.1.2: Access to networks and network services
ISO 27001
12.4.1: Event logging
ISO 27001
PR.PT-1: Audit/log records
NIST
RS.AN-1: Notifications from detection systems
NIST
8.15: Logging
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Deployment and regular analysis of security system logs
Definition and monitoring of alarm policies
Critical
High
Normal
Low
Security systems and logging
51
requirements

Examples of other requirements this task affects

12.4.1: Event logging
ISO 27001
16.1.7: Collection of evidence
ISO 27001
PR.DS-4: Availability
NIST
DE.AE-5: Incident alert thresholds
NIST
RS.AN-1: Notifications from detection systems
NIST
See all related requirements and other information from tasks own page.
Go to >
Definition and monitoring of alarm policies
Data system log review
Critical
High
Normal
Low
Security systems and logging
53
requirements

Examples of other requirements this task affects

12.4.1: Event logging
ISO 27001
12.4.3: Administrator and operator logs
ISO 27001
I10: Turvallisuuteen liittyvien tapahtumien jäljitettävyys
Katakri
PR.PT-1: Audit/log records
NIST
DE.CM-7: Monitoring for unauthorized activity
NIST
See all related requirements and other information from tasks own page.
Go to >
Data system log review
Protecting log information
Critical
High
Normal
Low
Security systems and logging
16
requirements

Examples of other requirements this task affects

12.4.2: Protection of log information
ISO 27001
6.6.1: Tietoturvan ja tietosuojan seuranta ja valvonta
Omavalvontasuunnitelma
TEK-12: Turvallisuuteen liittyvien tapahtumien jäljitettävyys
Julkri
8.15: Logging
ISO 27001
3.2.1: Determine a strategy and guidelines for security monitoring
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Protecting log information
Lokitietojen suojaaminen (ST III-II)
Critical
High
Normal
Low
Security systems and logging
0
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Lokitietojen suojaaminen (ST III-II)
Management process for preventing log editing
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Management process for preventing log editing
Clock synchronization
Critical
High
Normal
Low
Security systems and logging
9
requirements

Examples of other requirements this task affects

12.4.4: Clock synchronisation
ISO 27001
8.17: Clock synchronization
ISO 27001
PR.PT-1: Audit/log records are determined, documented, implemented, and reviewed in accordance with policy.
CyberFundamentals
2.3.9: Synchronize time across devices and use trusted time sources
NSM ICT-SP
3.2.6: Prevent manipulation of monitoring-data
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Clock synchronization
Identifying and reacting to logging errors in protection systems logs
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

19.2.k: Information systems traceability and logging
NIS2 Malta
See all related requirements and other information from tasks own page.
Go to >
Identifying and reacting to logging errors in protection systems logs
Monitoring of cloud-based data systems
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

CLD 12.4: Logging and monitoring
ISO 27017
CLD 12.4.5: Monitoring of Cloud Services
ISO 27017
See all related requirements and other information from tasks own page.
Go to >
Monitoring of cloud-based data systems
Lokitietojen keräämiseen liittyvien vaatimusten tunnistaminen ja lokitietojen riittävyys
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

HAL-07.1: Seuranta ja valvonta - tietojen käyttö ja luovutukset
Julkri
4.6: Lokitietojen kerääminen
TiHL tietoturvavaatimukset
See all related requirements and other information from tasks own page.
Go to >
Lokitietojen keräämiseen liittyvien vaatimusten tunnistaminen ja lokitietojen riittävyys
Turvalliset toimintatavat tiedon sisääntuontiin ja ulosvientiin järjestelmistä (TL III)
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

TEK-11.2: Haittaohjelmilta suojautuminen - TL III
Julkri
See all related requirements and other information from tasks own page.
Go to >
Turvalliset toimintatavat tiedon sisääntuontiin ja ulosvientiin järjestelmistä (TL III)
Turvalliset toimintatavat tiedon sisääntuontiin ja ulosvientiin järjestelmistä (TL II)
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

TEK-11.3: Haittaohjelmilta suojautuminen - TL II
Julkri
See all related requirements and other information from tasks own page.
Go to >
Turvalliset toimintatavat tiedon sisääntuontiin ja ulosvientiin järjestelmistä (TL II)
Logging and retention of log data in the processing of classified information (CL III)
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

TEK-12.2: Turvallisuuteen liittyvien tapahtumien jäljitettävyys - TL III
Julkri
I-10: DEFENCE IN DEPTH – TRACEABILITY OF SECURITY EVENTS
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Logging and retention of log data in the processing of classified information (CL III)
Logging and retention of log data in the processing of classified information (CL I)
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

TEK-12.3: Turvallisuuteen liittyvien tapahtumien jäljitettävyys - TL I
Julkri
I-10: DEFENCE IN DEPTH – TRACEABILITY OF SECURITY EVENTS
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Logging and retention of log data in the processing of classified information (CL I)
Additional requirements for anomaly detection and recovery (CL IV)
Critical
High
Normal
Low
Security systems and logging
3
requirements

Examples of other requirements this task affects

TEK-13.2: Poikkeamien havainnointikyky ja toipuminen
Julkri
I-10: DEFENCE IN DEPTH – TRACEABILITY OF SECURITY EVENTS
Katakri 2020
I-11: DEFENCE-IN-DEPTH - INCIDENT DETECTION AND RECOVERY
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Additional requirements for anomaly detection and recovery (CL IV)
Tietojenkäsittely-ympäristön käyttäjien tehostettu seuranta (TL I)
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

TEK-13.3: Poikkeamien havainnointikyky ja toipuminen - TL I
Julkri
See all related requirements and other information from tasks own page.
Go to >
Tietojenkäsittely-ympäristön käyttäjien tehostettu seuranta (TL I)
Determining the baseline for network and data system usage for monitoring purposes
Critical
High
Normal
Low
Security systems and logging
12
requirements

Examples of other requirements this task affects

8.16: Monitoring activities
ISO 27001
I-11: DEFENCE-IN-DEPTH - INCIDENT DETECTION AND RECOVERY
Katakri 2020
Article 10: Detection
DORA
DE.AE-1: A baseline of network operations and expected data flows for users and systems is established and managed.
CyberFundamentals
3.3.1: Create a plan for analysing data from security monitoring
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Determining the baseline for network and data system usage for monitoring purposes
Collection of logs from all assets
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

8.2: Collect Audit Logs
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Collection of logs from all assets
Archiving and signing logs at regular intervals
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

3.2.6: Prevent manipulation of monitoring-data
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Archiving and signing logs at regular intervals
Training own IT-personnel for security system usage
Critical
High
Normal
Low
Security systems and logging
1
requirements

Examples of other requirements this task affects

7.2.2: Information security awareness, education and training
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Training own IT-personnel for security system usage
Evaluating the efficiency, viability and needs for security systems
Critical
High
Normal
Low
Security systems and logging
4
requirements

Examples of other requirements this task affects

12.1.2: Change management
ISO 27001
CC6.8: Detection and prevention of unauthorized or malicious software
SOC 2
DE.DP-5: Detection processes are continuously improved.
CyberFundamentals
3.3.1: Create a plan for analysing data from security monitoring
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Evaluating the efficiency, viability and needs for security systems
Automatic log data analyzation
Critical
High
Normal
Low
Security systems and logging
51
requirements

Examples of other requirements this task affects

12.4.1: Event logging
ISO 27001
6.6.1: Tietoturvan ja tietosuojan seuranta ja valvonta
Omavalvontasuunnitelma
DE.CM-3: Personnel activity
NIST
TEK-13.1: Poikkeamien havainnointikyky ja toipuminen - poikkeamien havainnointi lokitiedoista
Julkri
8.15: Logging
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Automatic log data analyzation
Access management for files stored in the cloud
Critical
High
Normal
Low
Security systems and logging
4
requirements

Examples of other requirements this task affects

9.4.1: Information access restriction
ISO 27001
12.4.1: Event logging
ISO 27001
8.3: Information access restriction
ISO 27001
8.3: Beperking van de toegang tot informatie
NEN 7510
See all related requirements and other information from tasks own page.
Go to >
Access management for files stored in the cloud
Monitoring management of encryption and encryption keys
Critical
High
Normal
Low
Security systems and logging
5
requirements

Examples of other requirements this task affects

10: Cryptography
ISO 27017
10.1: Cryptographic controls
ISO 27017
10.1.2: Key management
ISO 27017
See all related requirements and other information from tasks own page.
Go to >
Monitoring management of encryption and encryption keys
Process for identifying and responding to system log faults
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

PR.DS-6: Integrity checking mechanisms are used to verify software, firmware, and information integrity.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Process for identifying and responding to system log faults
Vulnerability monitoring in used third-party or open source libraries
Critical
High
Normal
Low
Security systems and logging
9
requirements

Examples of other requirements this task affects

8.28: Secure coding
ISO 27001
ID.RA-1: Asset vulnerabilities are identified and documented.
CyberFundamentals
ID.RA-01: Asset vulnerabilities
NIST 2.0
16.5: Use Up-to-Date and Trusted Third-Party Software Components
CIS 18
Article 13.1(.2.a): Known exploitable vulnerabilities
CRA
See all related requirements and other information from tasks own page.
Go to >
Vulnerability monitoring in used third-party or open source libraries
Monitoring the use of the network and information systems to identify anomalies
Critical
High
Normal
Low
Security systems and logging
26
requirements

Examples of other requirements this task affects

8.16: Monitoring activities
ISO 27001
6.11: Alusta- ja verkkopalvelujen tietoturvallinen käyttö tietosuojan ja varautumisen kannalta
Tietoturvasuunnitelma
I-11: DEFENCE-IN-DEPTH - INCIDENT DETECTION AND RECOVERY
Katakri 2020
5.2.3: Malware protection
TISAX
PR.PT-1: Audit/log records are determined, documented, implemented, and reviewed in accordance with policy.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Monitoring the use of the network and information systems to identify anomalies
Information sharing related to network and data systems usage anomalies
Critical
High
Normal
Low
Security systems and logging
2
requirements

Examples of other requirements this task affects

8.16: Monitoring activities
ISO 27001
8.16: Monitoringactiviteiten
NEN 7510
See all related requirements and other information from tasks own page.
Go to >
Information sharing related to network and data systems usage anomalies

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Get to know Cyberday
Start your free trial
Cyberday is your all-in-one solution for building a secure and compliant organization. Whether you're setting up a cyber security plan, evaluating policies, implementing tasks, or generating automated reports, Cyberday simplifies the entire process.
With AI-driven insights and a user-friendly interface, it's easier than ever to stay ahead of compliance requirements and focus on continuous improvement.
Clear framework compliance plans
Activate relevant frameworks and turn them into actionable policies tailored to your needs.
Credible reports to proof your compliance
Use guided tasks to ensure secure implementations and create professional reports with just a few clicks.
AI-powered improvement suggestions
Focus on the most impactful improvements in your compliance with help from Cyberday AI.
Effortless compliance improvement
Widest framework library in EU
Extensive support

Start your compliance journey

Use in MS Teams or use your browser with Slack integration.
Risk free trial. No credit card required. Stop at any time.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessments
Resources
AcademyWebinarsBlogHelp articlesVideo coursesContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security