 |
Asset monitoring is an essential activity for managing vulnerabilities in a network. It lets organizations discover which assets are on the network and maintain an up-to-date inventory of their status, along with details such as which software is running and its patch levels. According to the SANS Institute, frequent monitoring of critical assets is becoming more essential given the constant rate at which threats evolve. This allows organizations to quickly detect whether anything nefarious has occurred so that damage can be minimized. Continuous asset monitoring is also key to enabling mobility in the enterprise because it can discover all new devices as they connect to the network, even if it’s just for a short period. The most important assets that should be continuously monitored are those that are the most volatile, such as new versions of software or new machines, because they are what attackers look to take advantage of. Government Initiatives that Encourage Continuous Monitoring Governments are putting their weight behind the need for continuous monitoring. In the United States, federal agencies are required to adhere to guidelines developed by the National Institute of Standards and Technology. These guidelines cover the use of vulnerability management, malware detection, asset management, and configuration management systems, along with the use of tools that aggregate data into a central management console. This helps organizations gain a more robust awareness of their overall risk posture. The guidelines primarily require that agencies use continuous monitoring capabilities. The federal government has also identified continuous monitoring as a key cybersecurity policy, focusing on assets, configurations, and vulnerabilities. In the United Kingdom, continuous monitoring is mandated for all government agencies connecting to the secure government network, although they are less widely used by private-sector organizations. Use of Network Asset Monitoring in the Private Sector As reported in Network World, a recent ESG report showed that 40 percent of organizations plan to move to continuous network monitoring of all assets on the network, while 30 percent are looking to capture more network traffic for security analytics. The report sees these statistics as part of a general trend whereby organizations are rapidly increasing their activities with regard to collecting, processing, and analyzing network security data. Organizations that use continuous monitoring tools are able to meet compliance requirements far better than their counterparts and feel more confident about their overall security posture. This is especially important given the dynamic nature of today’s extended IT environments, which encompass all manners of connected devices. Such tools will help organizations improve all stages of the vulnerability management lifecycle, from discovering which assets are on the network to scanning them for security vulnerabilities and remedying any that are found. While continuous monitoring is sometimes viewed as merely a tool for appeasing auditors and demonstrating security controls are in place, it is still a vital tool for improving overall risk reduction and management. By using automated monitoring tools, organizations can overcome the challenges they have with finding and retaining skilled security practitioners, enabling them to do more with the limited resources at their disposal. The post The Need for Continuous Asset Monitoring appeared first on Speaking of Security - The RSA Blog and Podcast. |
