


Federal CIOs Moving Cybersecurity Beyond Compliance

From: CIO

The evolving nature of cyberattacks demands a more dynamic response, according to government CIOs making an effort to implement real-time, continuous monitoring and reporting for security issues.

By Kenneth Corbin

As federal agencies struggle to keep pace with the mounting threats to their far-flung digital systems, IT professionals must move away from treating security as a compliance exercise and adopt dynamic, real-time monitoring, government CIOs said in a recent panel discussion.

In many agencies, that shift toward continuous monitoring is already well underway, as CIOs have been working to further automate their systems so that networked assets scan for and report potential security incidents.

“There was a lot of checklists focused on looking at what type of security controls needed to be implemented, what type of security controls actually were implemented,” says Simon Szykman, CIO at the Department of Commerce.

“We’re now moving toward an era of much more automated and near real-time situational awareness where we have systems that themselves are able to verify that controls are being implemented, assess the state of security across a broad infrastructure, and report in a real-time or near real-time basis a broad security posture over a big infrastructure up to decision makers,” Szykman says.
