Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Access ManagementCybersecurity News

Staving Off the Next Generation of Data Breach

Using Techniques like Continuous Monitoring Can Help Keep Enterprises Aware

By Jack Marsal
cyber 1 feat
February 24, 2015

2014 was dubbed the Year of the Data Breach. It became impossible to grab a newspaper without seeing the word “breach” smeared across the front page. According to a study conducted by the Ponemon Institute in 2014, a staggering 43 percent of companies experienced a data breach, which is up 10 percent over the previous year. Hackers are becoming more sophisticated in their approaches and cleverer at penetrating networks.

There is no silver bullet that can stave off all attackers. But there are approaches that can help companies better protect themselves against these attacks.

The approach that has been advocated (though not yet fully implemented) by the federal government is a huge step in the right direction. To improve the security posture of federal agencies, the Department of Homeland Security (DHS) has launched a Continuous Diagnostics and Mitigation (CDM) program. The CDM program does not contain new security technologies per se; rather it transforms the way existing technologies are used. The CDM approach heavily integrates existing layered security systems in a way that produces synergies between the systems and allows the organization to rapidly identify and respond to security vulnerabilities and breaches.

Just like federal agencies, commercial enterprises need to approach IT security in a way that will help them make the most of their limited resources. Enterprises need to be thinking about solutions that can maximize existing infrastructure investments. As with the federal program, commercial enterprises should be looking for integrated approaches that can continuously monitor and mitigate security exposures and cyberattacks.

What are the hallmarks of this new approach to IT security?  These new systems provide:

  • Continuous information about the people and devices that are connected to your network
  • Real-time information about transient devices and personally-owned devices
  • Information sharing and automation between your various existing security systems
  • A wide range of automated controls that function at both the network level and the endpoint level

Preventing cyberattacks requires constant visibility and control over endpoint state and behavior – long after the device has joined the network.  A continuous monitoring approach detects endpoint changes and anomalous activity, and when a fault or suspicious activity is detected, an alert can automatically communicate the event and/or respond to the problem such as by quarantining the suspicious device or immediately remediating the endpoint fault.

The modern computing era relies heavily on mobile computing and accommodation of personally owned devices (BYOD) on the network.  Thus, enterprises must architect their IT security system in ways that accommodate transient devices and personally-owned devices. For example, a traditional security system based on agents is poorly suited to a BYOD environment. Similarly, security processes that are periodic in nature – e.g. periodic risk assessments and periodic mitigation processes – will often not see transient devices on your network and not patch vulnerabilities before an attacker can discover them and gain a foothold. Continuous monitoring and mitigation systems avoid both of these problems.

As with next-gen network access control (NAC), continuous monitoring and mitigation systems provide a wide range of endpoint remediation actions. Self-remediation informs a user of the security issue and presents them with instructions on how to mitigate the issue. Direct remediation is performed by the security platform by executing a script to install a patch, update an antivirus signature, re-start or re-install an agent, kill a process or disable a peripheral device. Third-party remediation can send requests to an external system to perform the fix. Organizations can decide which is best for their unique application, but regardless, they all allow for quick and effective corrections of network issues, often preventing major breaches from occurring.

Traditional IT security tools and practices are too focused on agents, occasional assessments, disparate point solutions and manual response. Enterprises should adjust their security architectures to better align with today’s evolving IT environments and threat landscape. IT should move in the direction of deploying next-generation security architectures that emphasize continuous monitoring; fast, automated response to violations, exposures and indications of compromise (IoC); and integration between third-party security and management systems to share security intelligence and enhance control context.

Considering all the headache and heartache cybercriminals caused in 2014, it’s scary to think about the damage they will cause in 2015. Cybercriminals are outspending security teams two to one, and with hackers becoming more organized, it is increasingly important to develop a security posture that will not only provide holistic, real-time visibility of the network but enable auto-remediation capabilities to ensure breaches are stopped before they have the chance to establish a foothold and become a vastly bigger problem. 

KEYWORDS: continuous monitoring security cyber attack data breach

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Jack Marsal is responsible for ForeScout’s worldwide product marketing strategy. He has 20 years of experience with IT security and enterprise infrastructure products and services. Prior to joining ForeScout, Marsal was director of solution marketing for McAfee when he led the company’s effort to develop new security suites tailored for mid-size businesses. Previously, Marsal held senior marketing positions at Trend Micro, Lotus Development, and CenterBeam.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cyber Tactics Column
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • cloud-cyber

    Anatomy of data breach in cloud generation

    See More
  • The Role of Universities in Preparing the Next Generation of Security Professionals

    See More
  • armoured vehicle protection

    Security on the go: The next generation of vehicle protection

    See More

Related Products

See More Products
  • databasehacker

    The Database Hacker's Handboo

  • 9780367030407.jpg

    National Security, Personal Privacy and the Law

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!