Cyber Risk Framework - Detect Part One 2 CPE

This is a segment in our ongoing series on cyber risks.  In this session we begin to delve into the detection phase of a cyber risk assessment.  

Once assets are identified, the National Institute of Standards and Technology (NIST) framework suggests organizations then protect those assets. The next element is to detect threats against those assets.  Some may correlate this to the “Monitoring” phase of the Committee of Sponsoring Organizations (COSO) internal control framework, but there is much more involved in detection than simple monitoring.

In this segment we discuss important elements to consider when determining how to stay abreast of impending threats and what organizations should do to detect those threats. We also discuss the types of Information Technology (IT) assets you should consider when establishing your detection processes.  Our discussion on the detect phase is divided into two separate courses. This is course one.

Training for all programs related to cyber security by this trainer are utilizing the framework of the National Institute of Standards and Technology (NIST) as a model. This information is freely available in the public domain. For more detailed information on the framework please refer to NIST.org.

Prerequisites

No Advanced Preparation or Prerequisites are needed for this course. However, it is recommended to take the other courses in the series prior to completing this one.

Learning Objective

• Identify cybersecurity threats that should be understood in order to detect inappropriate activity.
• Explore the detect function of a cyber risk assessment and its components.
• Identify the concepts of anomalies and events in order to detect cyber threats.
• Identify the concept of security continuous monitoring.
• Identify detection processes.
• Explore challenges to detecting and defending against cyber threats.

Last updated/reviewed: July 14, 2025