Continuous monitoring is poised to do for information security what cloud deployment did for global productivity. Continuous monitoring not only has a role to play in preventing large-scale data breaches but it can also help compliance-sensitive organizations save money by facilitating long-term compliance continuity and reducing annual audit overhead.
On the drawing board, continuous monitoring is an approach that can catalyze truly immediate detection and response in the event of an attack on any system. It may appear to be a quantum leap forward in the quest to adopt a proactive, rather than reactive, security model. Plus, many existing security tools can be leveraged in continuous monitoring.
That said, the question “is continuous monitoring enough?” must receive a qualified “no.” Truly continuous monitoring is a relatively new response to the realization that conventional IT security is not working. Evidence for this is everywhere: growth in security incidents is vastly outpacing growth in GDP and mobile phones, according to PricewaterhouseCoopers. Even so, continuous monitoring will fail if it is implemented with a mindset constrained by old security paradigms.
Is your enterprise ready for continuous monitoring? Ask yourself the following:
Are You Using Appropriate Data Protection?
Continuous monitoring is most effective when it coordinates with more aggressive forms of data defense. Ensuring that networks follow fundamental principles in routing and separating traffic, maintaining “least privilege” for users, and strictly controlling the activation and disposal of user accounts will position you to maximize the value of your monitoring investments.
Do You Have Forward-Thinking IT Strategists?
Once continuous monitoring identifies a pattern of malicious behavior, IT strategists need to be ready to adjust the security approach quickly. This requires the ability to work fast, be flexible, and apply creative problem-solving – all while ensuring security strategy remains coherent as it evolves. If IT leaders aren’t ready to operationalize the lessons learned from monitoring, it won’t work.
Can Your Enterprise Manage the Overhead?
For compliance-oriented organizations, continuous monitoring can boost efficiency and cut costs. However, there are trade-offs: True continuous monitoring requires the capacity to store and retrieve a huge amount of data, the raw forensic materials that will facilitate improvement in your security posture. If resources are tight, impactful continuous monitoring may be impossible.
Are Your Policies and Personnel Primed for Change?
Continuous monitoring helps businesses think and act faster than hackers – but only if the organizational culture is not change-averse. Clear policies must be in place for evaluating, approving, and making IT configuration changes fast. Policy adjustments should be communicated clearly to all stakeholders with a role in protecting sensitive data on the network.
Is Continuous Monitoring Being Used to Patch a Different Kind of Shortfall?
If you want a transformative approach to security, continuous monitoring has the potential to deliver it. However, at its core, monitoring will only report the results of the human factor – not correct them. If employees are exposing data to risk by ignoring policies or using unauthorized devices, even the best-monitored assets are still at risk.
Recognizing that the largest industry players out there are the ones with the most to lose from hacking attacks, many of the top enterprise vendors are expanding their continuous monitoring offerings. As individual breaches become more costly, continuous monitoring might become a ubiquitous part of the modern security landscape for mid-sized and big brands.
Is continuous monitoring enough? On its own, “no” – it’s best understood as a methodology, not a single “plug and play” reality.
That said, continuous monitoring is going to loom large in the next wave of IT security. If your enterprise is properly aligned to take advantage of it, it may be the surest way yet to protect your important information from the growing number of would-be cyber-villains who want to steal it.
About the Author: Theresa Wood is a freelance writer who has written online content for over 6 years and has specialized in technology news. She has contributed pieces for companies like WinMagic, as well as niche blogs. She writes from her passion for technology and data security.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.