Configure each system's security alerts to organizational standards.


CONTROL ID: 12113
CONTROL TYPE: Technical Security
CLASSIFICATION: Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain system hardening procedures., CC ID: 12001

This Control has the following implementation support Control(s):
  • Configure the system to issue a security alert when an administrator account is created., CC ID: 12122


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Alerts regarding use of the same machine for both maker and checker transactions need to be considered. (Critical components of information security 11) c.20., Guidelines on Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds)
  • monitoring and alert mechanisms for the detection of compromises of environmental controls including: temperature; water; smoke and access sensors/alarms; service availability alerts (power supply, telecommunication, servers); and access log reviews. (¶ 56(c), APRA Prudential Practice Guide 234: Management of security risk in information and information technology, May 2013)
  • Network devices shall be capable of automatically providing notification to a configurable set of recipients upon discovery of an attempt to make an unauthorized physical access. All notifications of tampering shall be logged as part of the overall audit logging function. (15.8.3 (1) ¶ 1, IEC 62443-4-2: Security for industrial automation and control systems – Part 4-2: Technical security requirements for IACS components, Edition 1.0)
  • Network devices shall be capable of automatically providing notification to a configurable set of recipients upon discovery of an attempt to make an unauthorized physical access. All notifications of tampering shall be logged as part of the overall audit logging function. (15.8.3 (1) ¶ 1, Security for Industrial Automation and Control Systems, Part 4-2: Technical Security Requirements for IACS components)
  • Employ automated mechanisms to make security alert and advisory information available throughout the agency as appropriate. (§ 5.10.4.4 ¶ 1(5), Criminal Justice Information Services (CJIS) Security Policy, CJISD-ITS-DOC-08140-5.8, Version 5.8)
  • Employ automated mechanisms to make security alert and advisory information available throughout the agency as appropriate. (§ 5.10.4.4 ¶ 1 5., Criminal Justice Information Services (CJIS) Security Policy, CJISD-ITS-DOC-08140-5.9.1, Version 5.9.1)
  • Alert parameters are set for detecting information security incidents that prompt mitigating actions. (Domain 5: Assessment Factor: Detection, Response, and Mitigation, DETECTION Baseline 1 ¶ 1, FFIEC Cybersecurity Assessment Tool, Baseline, May 2017)
  • a solution that centralizes logging and security event alerting. (§ 500.14 Monitoring and Training (b)(2), New York Codes, Rules and Regulations, Title 23, Chapter 1, Part 500 Cybersecurity Requirements for Financial Services Companies, Second Amendment)