At the recent 2012 ITSAC conference in Baltimore, John Streufert, the Director of the National Cyber Security Division of DHS, outlined five recommendations for achieving continuous monitoring. These were:
- Scan daily, at least every 36 to 72 hours
- Focus on attack readiness
- Fix daily
- Grade personally
- Hold managers responsible
While the above are a key component of the government’s CyberScope program, which mandates monthly reports, many organizations internally perform real-time or near daily security assessments. Yet, this becomes overwhelming with “Big Data”. As a result, many organizations discover vulnerabilities at too slow of a rate to efficiently manage or react to them, and they don’t communicate what needs to be fixed very well. They are caught in a constant struggle of not having the right information and/or not having the right resources to mitigate security issues.
The traditional process of searching for attackers periodically does not work. Organizations must implement continuous monitoring to react in real-time to new vulnerabilities and threats.
To find out how Tenable addresses this, read the white paper “Outcome Based Security Monitoring in a Continuous Monitoring World”.