Lesson 15: Detection Processes (DE.DP)

In this lesson students will learn about the importance of Detection Processes to identify Cybersecurity Events before they can escalate into a Cybersecurity Incident. In this lesson we will clarify some of the technical requirements required to proactively Detect Cybersecurity events and incidents. These requirements include documenting and communication roles and responsibilities, assurance that detection processes comply with statutes, regulations and contractual obligations, regular testing detection processes, event intelligence is shared with appropriate parties, and detection processes are continuously improved. In this lesson we will review many valuable considerations for the establishment of detection Processes. We will also provide an exercise for students to practice their newfound knowledge and develop new Cybersecurity skills.