Beyond Continuous Monitoring: Continuous Remediation is the New Frontier
By Rick Tracy
When Telos first launched its continuous assessment capability approximately nine years ago, it was groundbreaking. This new and innovative security platform offered organizations the ability to be constantly aware of their security risk and compliance posture. The National Institute of Standards and Technology (NIST) now refers to continuous assessment as continuous monitoring, and industry acknowledges the importance of assessing security risk and compliance posture in a continuous and automated way.
The very positive benefit of continuous assessment, or continuous monitoring as it is now called, is the ability to rapidly identify every asset in the enterprise, conduct security testing against these assets, understand risk and compliance posture, and provide risk and compliance reporting as frequently as you like. Automated continuous monitoring now makes it cost-effective to have 100% test coverage rather than sampling a small percentage of assets, which was necessary when security testing was performed manually.
Broad awareness of security issues is obviously a good thing. However, because you now have the ability to gather test results for all assets (rather than just a sample set), the amount of response and remediation activity can be daunting. This is especially true if your remediation and response processes are largely manual, which is the case for most organizations.
As organizations continue to embrace the concept of continuous monitoring, continuous response and remediation is the obvious next step. Extending the continuous monitoring framework to include automated methods for triggering remediation and response activity is essential. Transparency in the remediation and response reporting process is also necessary to ensure response and remediation status is clearly understood.
Absent automated continuous remediation capabilities, the IT staff will be overwhelmed with manual activity and will not be able to keep pace. This will result in the true value of continuous monitoring being wasted. After all, what is the benefit of knowing you have security issues if you do not have adequate resources to respond and remediate in a timely fashion?
Continuous remediation is the new frontier.
Rick Tracy is Telos Corporation's SVP, CSO and CTO. Follow him on Twitter: @Rick_Tracy