CESG Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles - a Protective Monitoring solution will provide visibility and an understanding of who is accessing your organisations sensitive data.
Implementation of protective monitoring solutions are recommended in a number of regulatory and industry best practices, such as PCI DSS, Cyber Security and SOX. While it is not compulsory for private organisations to implement a Protective Monitoring solution, most organisations would be remiss in their care of duty if not implementing a solution, when it comes to security controls required to protect third party data within their organisations.
Implementation of Good Practice Guide 13 is a strong recommendation for all HMG ICT Systems, and is essentially compulsory for systems that store high impact level data.
The goal of a Protective Monitoring system is to ensure that there is a level of operational insight, to ensure that organisations have an understanding of how their IT systems are being used or abused by internal or external agents.
The Somerford GPG13 App with Splunk can be procured through GCloud.
For further details or a demonstration of our GPG13 app please contact us.