Alerts in a cyber security context refer to feedback that comes from monitoring systems such as an intrusion prevention system (IPS) or intrusion detection system (IDS).

Think of it like a building alarm system. If your sensors pick up movement in the building when it shouldn’t be occurring, the system will sound an alarm, trigger a silent alarm, send you a text or have the police respond. These are things alerting you to a problem, hence the term alerts. They are only as helpful as your response to them. If the alarm goes off and no one responds, then the breach can continue.
However, just like your building alarm system, something innocuous like a cat locked inside, a mouse in the house or a strong wind rattling the windows can trigger false positive alerts. Similarly, the system will only alert you to the things it’s looking for. For example, if it is a movement sensor, the sensor has to be directed at the movement to see it. If it’s a camera recording information, it has to be recording in the right place. If it has facial recognition, it has to know the face it’s looking for.
All of these analogies are true of cyber security alerts from your monitoring systems too. The systems need to know what they are looking for, the alerts need to be analysed and acted upon to be effective, and the systems need to be recording the right information in the right places.
