Why is outcome based security monitoring so critical with “Big Data”?

by Manish Patel
December 10, 2012

At the recent 2012 ITSAC conference in Baltimore, John Streufert, the Director of the National Cyber Security Division of DHS, outlined five recommendations for achieving continuous monitoring. These were:

  • Scan daily, at least every 36 to 72 hours
  • Focus on attack readiness
  • Fix daily
  • Grade personally
  • Hold managers responsible

While these recommendations are a key component of the government’s CyberScope program, which mandates monthly reports, many organizations internally perform real-time or near-daily security assessments. Yet this becomes overwhelming with “Big Data”. As a result, many organizations discover vulnerabilities too slowly to manage or react to them efficiently, and they do not communicate clearly what needs to be fixed. They are caught in a constant struggle of not having the right information and/or not having the right resources to mitigate security issues.

The traditional process of periodically searching for attackers does not work. Organizations must implement continuous monitoring to react in real time to new vulnerabilities and threats.

To find out how Tenable addresses this, read the white paper “Outcome Based Security Monitoring in a Continuous Monitoring World”.