DE.CM-06.284
Does your organization have a system in place to monitor and detect unusual or suspicious activities from cloud services, ISPs, and other third-party service providers?
Explanation
Monitoring third-party service provider activities is crucial for detecting potential security incidents, data breaches, or unauthorized access that might originate from these trusted connections. Unusual patterns in cloud service usage, unexpected traffic from ISPs, or abnormal behavior from other service providers could indicate compromise or misuse of credentials, services, or infrastructure. Evidence of compliance could include screenshots of monitoring dashboards, logs showing alerts for unusual activities, documentation of baseline normal behavior for each service provider, incident response records related to service provider anomalies, or reports from security information and event management (SIEM) systems that specifically track third-party service activities.
Implementation Example
Monitor activity from cloud-based services, internet service providers, and other service providers for deviations from expected behavior.
ID: DE.CM-06.284
Context
- Function
  - DE: DETECT
- Category
  - DE.CM: Continuous Monitoring
- Sub-Category
  - External service provider activities and services are monitored to find potentially adverse events

