The introduction of an Information Security Management System (ISMS) is a necessary and important, but not sufficient, building block for establishing the cyber resilience of companies or public authorities. Since there can never be 100% security, many legal security regulations (such as BSI IT-Grundschutz, IT-SiG 2.0, and KRITIS) now also require the establishment of technical and operational capabilities for continuous attack detection and response.
This primarily involves the following two core tasks that security operations management should ensure:
(a) the continuous proactive detection, assessment, and remediation of vulnerabilities and cyber risks
(b) the continuous reactive early detection and elimination ...