The Network Doesn’t Lie
In his March 26, 2015 Network World opinion piece, In Cybersecurity, the Network Doesn’t Lie, Jon Oltsik, principal analyst with Enterprise Strategy Group (ESG) outlines some of the reasons why security professionals are increasingly turning to continuous network monitoring to enhance cybersecurity. Oltsik begins with some numbers from an ESG Group survey report, in which 40% of respondents claim they plan to move toward continuous monitoring of all assets on the network, while 30% plan to capture more network traffic for security analytics.
While gaining comprehensive network visibility is critically important, it’s also just a piece of what’s required for a truly effective continuous network monitoring solution
Contrast the ESG findings with the recently released 2015 Cyberthreat Defense Report from the CyberEdge Group. In this report, 32% of respondents are already using continuous monitoring for network asset discovery, and 62% indicated their organizations have implemented continuous monitoring (either alone or in conjunction with periodic, ad hoc scanning/monitoring).
So, why are organizations pursuing continuous network monitoring? Oltsik suggests:
As the old network security adage states, “the network doesn't lie.” Yes, networks may hold secrets within encrypted traffic, but network traffic analysis can inevitably expose the Tactics, Techniques, and Procedures (TTPs) used in cyberattacks.
Along with secrets held in encrypted traffic, with growing use of the cloud, mobile and virtual systems, many organizations are challenged to get a comprehensive and continuous view of all their IT assets. And while gaining comprehensive network visibility is critically important, it’s also just a piece of what’s required for a truly effective continuous network monitoring solution.
Do you need continuous network monitoring?
We could answer the above question by asking whether you need to continuously identify vulnerabilities, reduce risk and ensure compliance with security regulations and policies. Instead, we recommend that you read the Definitive Guide to Continuous Network Monitoring.
It’s a quick, but detailed read that will get you up to speed on:
- Why there is a growing interest in continuous network monitoring
- How continuous network monitoring works, and
- What’s required to implement continuous network monitoring
If you’re attending RSA, you can get a printed paperback edition of the Definitive Guide by visiting Tenable’s booth #N3228. (You can check out our entire RSA schedule here.)
You can also download a copy of the Definitive Guide to Continuous Network Monitoring ebook.
A network security tell-all
For additional insight into continuous network monitoring, register for our April 16, 2015 webinar featuring Steve Piper, author of the Definitive Guide to Continuous Network Monitoring, and Narayan Makaram, Sr. Product Marketing Manager with Tenable. During this 2 pm ET session titled, Measure and Demonstrate Security Effectiveness with Continuous Network Monitoring, we will explain, among other things, how continuous network monitoring can help you answer the $1B question: “What is our risk?” We’ll also provide an overview of Tenable’s SecurityCenter Continuous View 5.0 and answer your questions.
Related Articles
Operational Technology in the DoD: Ensuring a Secure and Efficient Power Grid
April 19, 2024In an evolving threat landscape, the DoD must make sure that its mission-critical operations don’t experience power outages.
Strengthening the Nessus Software Supply Chain with SLSA
April 16, 2024You know Tenable as a cybersecurity industry leader whose world-class exposure management products are trusted by our approximately 43,000 customers, including about 60% of the Fortune 500. But sometimes we like to give you a peek behind the curtain to share how we protect our own house against cyberattacks – and that’s what this blog is about. Today we’re sharing our experience adopting the supply-chain security framework SLSA, with the hopes that the lessons we learned will be helpful to you.
Cybersecurity Snapshot: CISA Says Midnight Blizzard Swiped U.S. Gov’t Emails During Microsoft Hack, Tells Fed Agencies To Take Immediate Action
April 12, 2024Check out CISA’s urgent call for federal agencies to protect themselves from Midnight Blizzard’s breach of Microsoft corporate emails. Plus, a new survey shows cybersecurity pros are guardedly optimistic about AI. Meanwhile, SANS pinpoints the four trends CISOs absolutely must focus on this year. And the NSA is sharing best practices for data security. And much more!
CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited
April 23, 2024A zero-day vulnerability in CrushFTP was exploited in the wild against multiple U.S. entities prior to fixed versions becoming available as the vendor recommends customers upgrade as soon as possible.
Operational Technology in the DoD: Ensuring a Secure and Efficient Power Grid
April 19, 2024In an evolving threat landscape, the DoD must make sure that its mission-critical operations don’t experience power outages.
Cybersecurity Snapshot: Cyber Agencies Offer Secure AI Tips, while Stanford Issues In-Depth AI Trends Analysis, Including of AI Security
April 19, 2024Check out recommendations for securing AI systems from the Five Eyes cybersecurity agencies. Plus, Stanford University offers a comprehensive review of AI trends. Meanwhile, a new open-source tool aims to simplify SBOM usage. And don’t miss the latest CIS Benchmarks updates. And much more!
- Vulnerability Management
- Vulnerability Scanning