A Real-Time Approach to Continuous Monitoring

by James Tarala
Sept. 1, 2017 SANS Institute auditing & assessment

Many organizations, especially within the U.S. federal government and defense industry base, have discovered that while traditional security monitoring systems can help information assurance efforts, they are rarely enough to react to today’s external, targeted, persistent, zero-day attacks. As a result, leading U.S. federal agencies and some private sector organizations are beginning to replace point-in-time audits and compliance checks with a continuous monitoring program to help them prioritize controls and provide visibility into current threats. There is much debate over the definition of continuous monitoring. In December 2010, the National Institute for Standards in Technology (NIST) produced a draft publication to help the IT security community understand what is involved in a continuous monitoring effort. While many believe it to mean continuous monitoring for system vulnerabilities, others consider it to mean much more. For example, NIST, in its latest documentation, defines c...