Message info From:Waltermire, David A. Subject:Re: [sacm] First Cut at Use Case Draft Abstract Date:Thu, 29 Mar 2012 02:51:22 -0400

Thanks Tony.  I'll take a look at your use cases and work the concept of threat assessment and the downstream value of threat mitigation into the abstract.

From: [] On Behalf Of Tony Rutkowski []
Sent: Wednesday, March 28, 2012 9:52 PM
Subject: Re: [sacm] First Cut at Use Case Draft Abstract

Hi Dave,

The attached may be useful.

The text
"automated and continuous
monitoring of cybersecurity threats
and conducting regular threat assessments"
is acquiring some buy-in.  It might be
useful to use threat mitigation as a value


On 3/28/2012 11:51 AM, Waltermire, David A. wrote:
A few us met this morning to discuss how to move forward with writing the use case document.  We agreed to first develop an abstract, then an intro, then work on the rest of the document.  This way we can build consensus as we delve into deeper detail.
Based on this plan, below is a first cut at an abstract.  Comments, changes or alternatives would be appreciated.
This draft identifies fundamental use cases, derived functional capabilities and requirements, architectural components, and the supporting standards needed to define the interoperable, automation infrastructure required to support timely, accurate and actionable situational awareness over an organizations IT infrastructure.  Automation tools implementing a continuous monitoring approach will utilize this infrastructure to provide visibility into the state of assets, user activities and network behavior.  Stakeholders will be able to use these tools to understand the organizations security posture, quantify business risk, and make informed decisions that support organizational objectives while protecting critical information.  Other automation tools will be able to leverage information provided by this infrastructure to enforce policies based on human decisions.

sacm mailing list