There are 3 bullets in Event Identification and Monitoring:
Ability to detect remote activation attempts.
Ability to detect remote activation of collaborative computing device.
Ability to detect remote activation of sensors.
1) There was a comment in our meetings to clarify "collaborative computing device." This bullet could be rewritten to say "Ability to detect remote activation of collaborative computing capabilities (e.g., microphone, camera) on the IoT device" or similar.
2) I'm not sure if the first bullet "Ability to detect remote activation attempts" offers anything beyond the next two bullets. One possibility is to delete this first of the three bullets.
3) A final suggestion/comment by the team was to consider moving these bullets (whichever remain) to Device Security. I'm not in favor of that suggestion since I believe the spirit of these bullets is really to monitor for certain activity (remote activation) and not really about device security.
There are 3 bullets in Event Identification and Monitoring: Ability to detect remote activation attempts. Ability to detect remote activation of collaborative computing device. Ability to detect remote activation of sensors.
1) There was a comment in our meetings to clarify "collaborative computing device." This bullet could be rewritten to say "Ability to detect remote activation of collaborative computing capabilities (e.g., microphone, camera) on the IoT device" or similar. 2) I'm not sure if the first bullet "Ability to detect remote activation attempts" offers anything beyond the next two bullets. One possibility is to delete this first of the three bullets. 3) A final suggestion/comment by the team was to consider moving these bullets (whichever remain) to Device Security. I'm not in favor of that suggestion since I believe the spirit of these bullets is really to monitor for certain activity (remote activation) and not really about device security.