Databank, a leading provider of enterprise-class data center, cloud, and connectivity services, recently published a blog post, "How to Make Continuous Monitoring Part of Your Compliance and Security Strategy."
It outlines how continuous controls monitoring (CCM) is a cornerstone for proactive mitigation and risk reduction and is typically owned and deployed by the IT team and/or the SOC team. It is central to security and to ensuring efficient audits for compliance.
Without getting too much into the minutiae, CCM facilitates presenting data for auditors to complete the compliance auditing process. With CCM, rather than a mad scramble to produce audit-related information, the IT team can have confidence knowing that the information already exists.
Waverley Labs is in clear agreement about the importance and value of CCM described in the article. However, Waverley recommends that for CCM to be truly effective as a security strategy, particularly for ensuring compliance, the business (system owners) must also be involved since it is typically their architecture and their data flows being monitored continuously.
Waverley Labs believes that CCM strategies must involve a triumvirate of the IT team, the SOC team AND the business (application and system owners).
Business owners may elect to deploy a Software Defined Perimeter (SDP) and its “authenticate first” approach to harden the security strategy while significantly reducing resources (and costs) required for incident response. SDP enables the organization to go beyond CCM to achieve real-time monitoring, providing instant visibility of your security stance not just for the network, but for the business too.
Currently, organizations are continuously monitoring controls prescribed by someone else, e.g., NIST. The SDP automatically provides all the data needed, enabling the business to do compliance checks against predetermined controls. This is where the focus needs to be. By taking a proactive approach with SDP to reduce your attack surface and do proactive mitigation, you will automatically achieve compliance with multiple controls. The business people understand this.
Other benefits of SDP include a reduction in resources needed for incident response, enabling the organization to move from a CapEx to OpEx approach, and enhanced revenue by establishing metrics that are repeatable and measurable.
SDPs have been successfully deployed and proven effective by leading enterprises such as Coca-Cola, Mazda, and Google, and in the public sector by DHS, and continue to be tested in organized industry “hack-a-thons” (such as RSA) with an estimated 10 billion+ attempts to date – all unsuccessful.
To learn more, check out Waverley Labs, which worked closely with the Cloud Security Alliance to develop the commercial SDP specification and has since delivered the industry’s first open source SDP as part of an award by the DHS to create new tools to defend against large and sophisticated Distributed Denial of Service (DDoS) attacks.