DE.CM: Security Continuous Monitoring
Description
The information system and assets are monitored to identify cybersecurity events and verify the effectiveness of protective measures.
Framework Subcategories
DE.CM-1: The network is monitored to detect potential cybersecurity events
[csf.tools Note: Subcategories do not have detailed descriptions.]
DE.CM-2: The physical environment is monitored to detect potential cybersecurity events
[csf.tools Note: Subcategories do not have detailed descriptions.]
DE.CM-3: Personnel activity is monitored to detect potential cybersecurity events
[csf.tools Note: Subcategories do not have detailed descriptions.]
DE.CM-4: Malicious code is detected
[csf.tools Note: Subcategories do not have detailed descriptions.]
DE.CM-5: Unauthorized mobile code is detected
[csf.tools Note: Subcategories do not have detailed descriptions.]
DE.CM-6: External service provider activity is monitored to detect potential cybersecurity events
[csf.tools Note: Subcategories do not have detailed descriptions.]
DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software is performed
[csf.tools Note: Subcategories do not have detailed descriptions.]
DE.CM-8: Vulnerability scans are performed
[csf.tools Note: Subcategories do not have detailed descriptions.]