Skip to main content
Whitepaper

Collection Management Frameworks – Beyond Asset Inventories for Preparing for and Responding to Cyber Threats

By Robert M. Lee, Ben Miller and Mark Stacey

Organizations require robust asset identification to ensure effective cybersecurity strategies. However, defenders need to go beyond asset inventories in the traditional sense and develop and utilize an internally focused collection management framework to enable incident responders and security operations staff who must prepare for and conduct investigations into adversary activity in their environments.

A collection management framework (CMF) is a structured approach to identifying data sources and what information can be obtained from each source. The concept of collection management is rooted in intelligence work. In the intelligence field it is routine to identify requirements and then determine where sources exist to collect information to satisfy those requirements. Various styles of collection management exist and can incorporate attributes such as a reliability rating of the data and measurements of trustworthiness, accurateness, and completeness. An important concept in collection management is developing an effective framework to meet the requirements of the analyst as it relates to collecting data and producing information from it; not necessarily subscribing to others’ exact models.

Enter your information to download the whitepaper.
SKIP

Discover more resources.

Explore more resources to support you on your ICS cybersecurity journey.

Read our next whitepaper

whitepapers

Building security to achieve engineering and business requirements

Robert M. Lee
View Whitepaper
Right Arrow

View more whitepapers

Right Arrow

See the Dragos Platform in Action

Take the next step to protect your OT environment now with a free demo