
2014 is the year that changed everything in the information security landscape. It became terrifyingly clear that consumers’ personal and financial data wasn’t safe. Following a series of large data breaches consumers learned first-hand how vulnerable their sensitive information really is.

eBay suffered one of the largest losses, admitting hackers stole credit and debit card information from 145 million people. It didn’t stop there. A total of 76 million households and 7 million small businesses suffered data breaches after a cyber attack on JP Morgan Chase. And data thieves stole information tied to 56 million unique payment cards used at Home Depot.

All that came after mega-retailer Target reported a data breach in 2013 that involved the theft of 40 million credit and debit card numbers. This year, 2015, has seen the attacks get even bigger, showcasing that no business, no matter its size, is safe from a data breach. It’s not a matter of if, many cyber experts say, but when a breach will occur.

How did these stealthy cyber attacks impact businesses? Well, for one thing, it means they can no longer afford to be complacent with only periodic tests of their data security systems and firewalls. It is clear companies need to do more.

One option that has emerged is active, continuous monitoring of IT networks and data terminals to guard against breaches and system vulnerabilities.

What is continuous monitoring?

Active, continuous monitoring sounds like an insurmountable task. How could large companies afford such extensive surveillance and testing of their systems, let alone smaller ones?

It’s not as impossible as it seems. A herd of tired IT analysts don’t have to stare red-eyed at computer farms 24/7 to keep businesses safe.

Continuous monitoring is a risk management approach to cyber security that constantly assesses a business or organization’s security risk, provides visibility into its IT and network assets, and quantifies risk, to evaluate security controls and implement needed remedies. A well-designed continuous monitoring program can provide near real-time status assessments of a company’s information security.

To protect themselves, businesses must regularly evaluate their data security systems, including vulnerability testing, penetration testing and intrusion detection. These tests are critical to staying vigilant and ensuring the safety of consumer data.

So what does continuous monitoring really mean?

Continuous monitoring means exactly what it sounds like – kinda, sorta. The information protection strategy entails uninterrupted assessments of a business’ critical assets, but not necessarily every single network or device all day, every day.

The key is doing regular testing of a system and identifying which networks or devices are essential to a business’ or organization’s function and reputation. Networks holding the most sensitive information should be monitored constantly.

In an effort to better protect its data, the U.S. Army, for example, is moving ahead with plans to implement continuous monitoring practices to identify, assess and respond to system vulnerabilities. That means in part regularly assessing its systems and constantly applying security updates and patches to ward off data thieves.

And the Army is not alone. The Ponemon Institute, a Michigan-based research center dedicated to privacy, data protection and information security policy, released a study earlier this year highlighting the climate of information security.

Not surprisingly, the community is on high alert. Of the 735 IT professionals surveyed, 45 percent reported their company had one or more data breaches in the past 24 months. And 60 percent said they made operational changes to improve their ability to prevent and detect data breaches.

The most common adjustments businesses made, according to the Ponemon survey, included establishing an incident response team to manage data breaches, implementing data security effectiveness metrics and increasing monitoring and enforcement activities.

The truth is, though, no matter what companies do, the threat of data breaches and cyber attacks will always loom as hackers and thieves evolve their skills to overcome the latest security. But know that companies aren’t alone. Skilled information security professionals are out there to help maintain and upgrade your business’ systems to stay ahead of the threat.

Questions?

Questions about active, continuous monitoring? Contact us at ZZ Servers.

ZZ Servers uses a collection of tools that have long been recognized as the de-facto standard for intrusion detection and prevention. The power, precision and flexibility of our technology and the robust rules language enable the most comprehensive threat coverage possible. Understanding that attackers are constantly developing new methods of attack, uncovering new vulnerabilities and exploiting known weaknesses, we actively manage our systems to ensure our customers stay one step ahead of the latest threats.

The ZZ Servers File Integrity Monitoring and Host Intrusion Detection, Monitoring and Prevention service removes the burden of administration and monitoring of your Intrusion Detection infrastructure. This service provides our customers with our 24x7x365 expertise, monitoring and proactive management necessary to ensure the maximum protection of critical organization assets. We maintain all aspects of the File Integrity Monitoring and Host Intrusion Detection, Monitoring system and perform all management and maintenance.

Sources:

http://www.ponemon.org/local/upload/file/2014%20The%20Year%20of%20the%20Mega%20Breach%20FINAL_3.pdf

https://cio.gov/protect/continuous-monitoring/

https://cio.gov/stay-protected-while-connected-army-cybersecurity-awareness-month/