Information Security Continuous Monitoring - Challenges and Solutions

Information Security Continuous Monitoring - Challenges and Solutions Name: Institution: Date: Continuous monitoring of information system (IS) helps to minimize the risks that may affect the security details of the IS as well as manage effectiveness. With information security breaches, becoming more frequent it is vital to understand risk in a system, any time that system undergoes changes. Continuous monitoring of security concerns is an improvement on traditional models of monitoring but at times, there are difficulties in detecting risks when changes occur often. Other than providing security to information systems, continuous monitoring is also effective they maximize the ROI (NIST & Booz Allen Hamilton, Inc, 2011). This paper looks into the challenges and solutions in information security continuous monitoring. One of the main advantages of continuous motoring is that it complements data collection rather than replace the process (NIST, 2011). The domains that collect data are still the main repositories of data collected. Thus, implementation of continuous monitoring improves the efficiency of the system, as there is instrumentation of the collection system, which facilitates integration with continuous monitoring. Compatibility with continuous monitoring in turn helps to minimize integrations costs for future systems as well as allow implementation of various security measures than in traditional monitoring. In essence, use of continuous monitoring calls for more use of automated methods in data collection, this is better than manual collection, which requires automation of information and standardization. Numerous off the shelf automation tools are essential as they provide situational awareness. Situational awareness occurs as they provide understanding of the security situation in information systems through continued monitoring IT infrastructure and systems (DHS, 2011). Essentially, monitoring security flaws looks into vulnerabilities in the system, missing patches, breach of security control protocols and checks whether there is compliance with sanctioned configurations. The use of CAESARS model adds more value through integration of end-to-end process. This occurs through bridging the gaps inherent in a system versus the agreed and accepted security baselines (DHS, 2011). Furthermore, the system adoption helps in asset management of Information Technology (IT) by pinpointing on each of the assets under management. Continuous monitoring has managerial and technical issues that may inhibit full implementation of the process. Monitoring requires the integration of various processes and tools and then using them appropriately in the organizations infrastructure. Integrating various functions in continuous monitoring is hard to achieve, as organizations tend to use contractors specialized in different areas. To overcome this challenge it is vital to have a good working environment where everyone understands the organization’s goal. For the management the security threats posed to the information system keep changing, and it is hard to track down the complexities emerging. The risk may increase over t...