Cybersecurity has now superseded terrorism as our country’s #1 threat. The latest US Intelligence Community Worldwide Threat Assessment, published March 13, 2013, states that: “Threats are more diverse, interconnected, and viral than at any time in history. Attacks, which might involve cyber and financial weapons, can be deniable and unattributable. Destruction can be invisible, latent, and progressive.”
Both government and private-sector groups are trying to keep up with the rising threat levels, but the increasing threats are outpacing the current standard technologies. For years, we have relied on firewalls and encryption, making sure that data is protected as it flows through the internet and is then protected behind a firewall. All agencies and organizations are being challenged with pressure to “do more with less” and reduce their personnel levels. In addition, new regulations are requiring high levels of documentation and reporting. The solution to this dilemma is the 24×7 nature of continuous monitoring (CM) and diagnostics. Continuous monitoring enables information security professionals and others to see a continuous stream of near real-time snapshots of the state of risk to their security, data, network, endpoints, and even cloud devices and applications.
Benefits of Continuous Monitoring
- CM gives you situational awareness through full-network visibility. Real-time monitoring covers account activity, sensitive data movement, malware and threats, all equally important components of the continuous monitoring process.
- CM is a key means for mitigating risk by allowing you to assess the effectiveness of controls and detect associated risk issues.
- CM allows you to capture potential non-compliance early within the network, because not all threats come from the outside. Credit card processing, medical billing and even “Easy Pass” toll systems use CM to catch duplicate and/or erroneous transactions.
Challenges of Continuous Monitoring
- Because not all parts of an organization will understand the benefits of the effort, you will probably need a high-level sponsor.
- As with all technology-related improvements, CM implementations require investment. Many organizations demand a quantified return on investment (ROI) before implementation of a new IT system. However, cybersecurity has become such a pervasive threat that, together with a desire for constant innovation, it oftentimes overshadows the ROI question, because it is just the right thing to do.
Do you have experience with continuous monitoring? Share it with us below or simply share your thoughts and concerns on the topic.