


Hope for a Holy Grail of Continuous Monitoring


By Lt. Col. Mark A. Russo, USA (Ret.)

The most misunderstood cybersecurity solution holds promise.


Many experts had hoped that the colossal breach of the Office of Personnel Management several years ago might have heralded much-needed focus, energy and funding to defeat the bad guys. That has proved to be an empty hope, and officials have continued to abrogate their authority to lead in cyberspace.

Among all the potential cyber solutions, continuous monitoring (CM)—the so-called holy grail—is the most misunderstood. Presenting too many shortcuts for both federal and private-sector networks and creating an illusion of success, CM is among the worst of approaches—except for all the rest, to paraphrase Winston Churchill. “Continuous monitoring has evolved as a best practice for managing risk on an ongoing basis,” according to a SANS Institute white paper that addresses the status quo and looks beyond present-day implementation.
