<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2826169&amp;fmt=gif">
Start  trial

    Start trial

      roundel-database-and-shileld-01Hey there, Database Administrators!
      After our dive into the 'Protect' pillar, it's time to shift gears to another crucial aspect of the NIST Cybersecurity Framework – the 'Detect' pillar. This is where our skills and vigilance come into play to identify potential cybersecurity events. Think of yourself as a digital detective in the vast landscape of data.

      In the overarching scheme of cybersecurity, detection serves as an early warning system.

      The importance of detection in cybersecurity

      Detection is like the smoke alarm in your house. It’s not about preventing the fire; it’s about knowing it’s happening, and fast. In the cyber world, this translates to quickly and accurately identifying breaches or anomalies. The faster we detect, the quicker we can respond, reducing the overall impact of an incident.

      The DBA’s key responsibilities in detection

      Setting up alerts and notifications: Stay alert and informed. Create comprehensive alert systems for unauthorized access, data modifications, or other unusual activities. Consider it as erecting a watchtower in your digital fortress.

      PostgreSQL offers a wide array of monitoring capabilities through its detailed catalogue interface, presenting metrics as tables or views (prefixed with 'pg_'). Popular ones include pg_stat_activity, pg_stat_user_tables, and pg_stat_user_indexes. These views can be enhanced with extensions like pg_stat_statements for deeper query performance insights.

      Implementing real-time monitoring: Keep a continuous watch. Utilize tools to track database activities, logins, and transactions, maintaining a vigilant eye over your data landscape.

      A variety of both open-source and proprietary tools are available for this purpose, including Nagios, Zabbix, Prometheus/Grafana, Datadog, SolarWinds, and Foglight. For a lightweight approach, pgAdmin provides basic monitoring, while tools like pg_top add value to your monitoring suite. If you seek a comprehensive solution, Data Sentinel is highly recommended for monitoring multiple clusters.

      Anomaly detection: Subtle threats often go unnoticed. Utilizing anomaly detection tools can help identify deviations from normal patterns, possibly signalling a breach.

      Many of the aforementioned tools include anomaly detection features. We'll delve deeper into this topic in a future blog.

      Regular audits and reviews: Regularly auditing logs and database activities is vital. It's akin to post-event detective work, often uncovering gaps in defences or ongoing issues.

      Staying informed on threat intelligence: Keep abreast of the latest cybersecurity threats. Understanding new attack vectors and emerging threats is key to refining your detection strategies.

      Why detection is a game changer

      In the overarching scheme of cybersecurity, detection serves as an early warning system, preventing minor issues from escalating into major data breaches. A robust detection system not only conserves time and resources but also maintains the integrity and trustworthiness of our data management.

      Wrapping up

      As DBAs, our role in the 'Detect' pillar is all about vigilance and responsiveness. By focusing on these crucial areas, we're not just protecting data; we're proactively safeguarding our organization's digital well-being.

      That's all for today! In data security, being proactive is paramount, and in detection, it's about staying ahead of the game. Keep detecting, keep securing!

      Want to know more? Then subscribe to be notified of new posts.

      Topics: PostgreSQL, Fujitsu Enterprise Postgres, Data governance, Security, NIST Cybersecurity Framework, "Database security" blog series

      Receive our blog

      Search by topic

      see all >
      photo-matthew-egan-in-hlight-circle-orange-yellow
      Gary Evans
      Senior Offerings and Center of Excellence Manager
      Gary Evans heads the Center of Excellence team at Fujitsu Software, providing expert services for customers in relation to PostgreSQL and Fujitsu Enterprise Postgres.
      He previously worked in IBM, Cable and Wireless based in London and the Inland Revenue Department of New Zealand, before joining Fujitsu. With over 15 years’ experience in database technology, Gary appreciates the value of data and how to make it accessible across your organization.
      Gary loves working with organizations to create great outcomes through tailored data services and software.
      Our Migration Portal helps you assess the effort required to move to the enterprise-built version of Postgres - Fujitsu Enterprise Postgres.
      We also have a series of technical articles for PostgreSQL enthusiasts of all stripes, with tips and how-to's.

       

      Explore PostgreSQL Insider >
      Subscribe to be notified of future blog posts
      If you would like to be notified of my next blog posts and other PostgreSQL-related articles, fill the form here.

      Read our latest blogs

      Read our most recent articles regarding all aspects of PostgreSQL and Fujitsu Enterprise Postgres.

      Receive our blog

      Fill the form to receive notifications of future posts

      Search by topic

      see all >