Cyber situational awareness

Cyber situational awareness is the capability that helps security analysts and decision makers:


 * Visualize and understand the current state of the IT infrastructure, as well as the defensive posture of the IT environment
 * Identify what infrastructure components are important to complete key functions
 * Understand the possible actions an adversary could undertake to damage critical IT infrastructure components
 * Determine where to look for key indicators of malicious activity.

Cyber situational awareness involves the normalization, deconfliction, and correlation of disparate sensor data, and the ability to analyze data and display the results of these analyses. Situational awareness (SA) is an integral part of an information assurance (IA) common operational picture. Such a picture provides a graphical, statistical, and analytical view of the status of computer networks and the defensive posture.