History

Priority

should

2010

Agencies should develop, implement and maintain an intrusion detection strategy that includes:• appropriate intrusion detection mechanisms, including network-based IDSs and host-based IDSs asnecessary• the audit analysis of event logs, including IDS logs• a periodic audit of intrusion detection procedures• information security awareness and training programs• a documented IRP.

2008

Agencies should develop, implement and maintain an intrusion detection strategy, based on the results of a risk assessment, that includes: a. appropriate intrusion detection mechanisms, including network-based IDSs and host-based IDSs as necessary b. the audit analysis of event logs, including IDS logs c. a periodic audit of intrusion detection procedures d. ICT security awareness and training programs e. a documented ICT security incident response procedure.