From: FCW
By Frank Konkel
Continuous monitoring sounds like a simple solution to combat cyber-intruders.
In theory — and with unlimited technological capabilities, funding and human talent — it is. All an agency must do is configure its networks and applications to automatically report, in real time, all of their connections and various other bytes of machine-generated data to logs for analysis, continuously compute these connections and wait for the signals of bad actors to show up in the noise.
In practice, where real budgetary and technological constraints raise their heads, agencies have made strides in implementing technologies that allow for continuous monitoring, but face significant challenges in doing so. This is especially true at the agency level, where networks produce an astounding amount of data and log files grow exponentially in size.
At that level, cybersecurity becomes “a big data issue,” according to Rod Turk, chief information security officer for the Commerce Department. Turk, speaking during a cybersecurity webinar March 5, said gleaning insights from increasingly large log files is not easy.