CISOs have a never-ending responsibility to reduce risk, ensure compliance, and enable the business. This has become increasingly difficult given the dynamic unpredictability introduced with cloud, mobility and big data challenges. Unfortunately, traditional approaches often leave gaps that are easily exploited, meaning CISOs are unable to provide solid answers when the CEO asks: “How secure are we?”
Matching an organization’s residual risk to its risk appetite assumes perfect or near-perfect knowledge of its risk profile. Unfortunately, most organizations lack visibility into their actual risk profile. And many seriously underestimate actual risk. This knowledge gap is multiplied when factoring in the realities of today’s mobile workforce with transient devices and cloud applications that often introduce unknown risks.
This gap in risk awareness is where continuous network monitoring comes into play. The primary benefit of continuous network monitoring is the elimination of unacceptable risk created by unknown, and therefore likely unmanaged, network assets.
Continuous network monitoring is real-time activity monitoring that complements active point-in-time scanning and is accomplished via passive network monitoring technology and host-based monitoring (event logs). This way, you are more likely to detect virtually all assets. However, efficiency is key; organizations need to avoid having separate, hard-to-reconcile asset inventories from three different tools because extracting actionable information is both difficult and expensive.
A solid continuous asset discovery solution should also be able to highlight new assets on the network and provide a preliminary risk assessment such as the number of known vulnerabilities for each asset – making corrective action a reality.
It’s also important to realize that vulnerability management is more effective if it’s not a silo. As such, a strategy should take into account the people, processes and products that make up vulnerability management, as well as the impact on adjacent disciplines like patch management, configuration management and change management.
Finally, as CISOs strive to answer the “How secure are we?” question, having access to an assurance report card can help effectively bridge the communication gap between security professionals and business executives by visually communicating the status of the most critical security issues in a familiar report card format.