Cyber Situation Awareness Overview
Our growing dependency on cyberspace has greatly increased the need for situation awareness — essentially, understanding your environment and accurately predicting and responding to potential problems that might occur.
Cyber Situation Awareness provides both a holistic and specific view of threats and vulnerabilities, allowing organizations the ability to identify, process and comprehend information in real-time. It also enables the accurate perception of an enterprise’s security stance and its threat environment. This, in turn, helps organizations gauge both their current and future risk status and protection posture.
Effective cyber situation awareness requires
1. People to provide effective communications across business units and the ability to analyze disparate information and make sense of it,
2. Technology for collecting, analyzing, and storing a large amount of data, and
3. The ability to map observations with the context in a way that makes the best use of resources.
It requires an understanding of what augmenting data will allow practitioners to make competent inferences.