Talking points
- Information are the most valuable asset of an organization
- What is CM and why its important
- CM the infrastructure
What is the most valuable asset of your organization? The direct answer to that question for any organization is “Information”. Information is the most valuable asset of any organization. It can be the trade secrets of the company, employee personal data, customer personal data or future plans of the company. These information holds the future of your company. What if an outsider get hand on these information? Competitors might get to know your next step, your brand image will damage or worse you will get sued. So it is very important to any organization to keep secure the information. With the interconnected world that we live in all the organizations have to connect their infrastructure to the internet so that employees and clients from anywhere in the world can access to the data that they deserve. But internet connection comes with a great danger to the company any outside person including hackers get the access to the company through the internet. Most companies use multiple defense mechanisms to secure networked infrastructure such as firewalls, IDS/IPS, load balancers, WAF, etc… but attackers also stepping up. Attacking and defensing is a never ending job.
What is Continuous Monitoring and why it is important?
Continuous monitoring is an added defense mechanism. As the term defines it means continuously monitoring the infrastructure of the company. NIST definition of the continuous monitoring is as follows,
“Ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. The terms ‘continuous’ and ‘ongoing’ in this context mean that security controls and organizational risks are assessed and analyzed at a frequency sufficient to support risk-based security decisions to adequately protect organization information. Data collection, no matter how frequent, is performed at discrete intervals.”
CM provides IT admins the visibility of the system, what is happening under the hood. Major problem that most IT admins have is that they don’t know what is happening in the system since there is no visibility to it. CM gives that awareness.
What should monitor continuously?
Before initiating continuous monitoring process we must carefully assess where the organization information are located and where its been transferred. According to that information we can define what needs to be monitored. Here are the most monitored assets.
- Netflow
- Endpoint Security
- Application Security
- Web Security
- Internet of Things Security (IoT)
- Cloud Security
Depending on the infrastructure of the organization continuous monitoring assets change. Next article serious we will discuss with technical details about continuous monitoring.