By Anthon Garcia
Share

Gartner: Improve your organization’s security posture with continuous control monitoring

Navigating the evolving threat landscape with CCM
Gartner: Improve your organization’s security posture with continuous control monitoring
Continuous control monitoring tools improve cybersecurity

The adoption of new technologies and the growth of digital businesses are contributing to the expansion of threat landscape. This creates a need for more controls. Increased attack surfaces due to cloud adoption and new digital business are making security assurance tasks even more arduous, error-prone and incomplete than ever before. 

Organizations of various sizes and in different industries often face resource limitations. It’s because their security and IT operational teams are occupied with manual testing and reporting on controls.  

To address this issue, leaders in security and risk management must adopt technology such as continuous control monitoring. It automates the monitoring of cybersecurity controls’ effectiveness and aids in gathering relevant information in almost real time. 

How CCM tools benefit an organization

CCM or continuous control monitoring tools provide SRM leaders and relevant IT operational teams with a variety of capabilities that allow for the automation of CCM, reducing the need for manual effort. These tools support activities throughout the control management life cycle. The cycle includes gathering data from various sources, testing the effectiveness of controls, reporting results, notifying stakeholders and even initiating corrective actions in cases of ineffective controls or anomalies. In addition, the automation provided by these tools allows SRM leaders and IT operational teams to obtain almost real-time insights into the effectiveness of controls. This, in turn, improves situational awareness when monitoring security posture and detecting compliance gaps. 

There are numerous other benefits that organizations can derive from CCM, including: 

  • Streamlining control testing and reducing audit management costs. SRM leaders and IT operational teams no longer have to rush to gather evidence and evaluate controls immediately before audits. It’s because the tools automatically collect evidence of key control activities according to designated standards and policies. 
  • By introducing checks and balances, organizations can ensure that controls and gaps are actively managed. 
  • Reduction in the cost of independent external audits by sharing evidence and avoiding the assessments typically performed by consulting firms. 
  • By using preconfigured dashboards and reporting features, CCM can reduce human error associated with ad-hoc data exports, copying and pasting, and hunting for files.
  • Reduced remediation costs since organizations can identify and fix control deficiencies before they escalate. 
  • A better understanding of the organization’s security and compliance posture for senior leaders.

Read: Data Privacy Day: AI has put data privacy top of mind

Utilizing continuous control monitoring

An organization must determine its security compliance requirements based on frameworks, regulations and industry standards. They must also consider internal policies before rolling out a CCM implementation.

As a next step, organizations should define the scope of connecting systems and applications to a CCM tool. The selected systems and applications must be clearly documented and agreed upon. This means assessing the scope of the project and determining the requirements. The requirements include automation, your organization’s readiness, the user roles that could benefit from CCM capabilities, and the budget. This task involves, among other things, checking whether the IT asset tracking is consistent, inventorying and cataloging security controls (the percentage of technical controls versus nontechnical controls). It also entails checking the frequency of security control testing and compliance reporting. Moreover, it is essential to calculate how many controls and assets the security and IT operational teams must manage and the cost of existing management capabilities.  

Furthermore, organizations must then evaluate CCM vendors and their tools against the requirements. In addition, they must identify the data sources available in the security management portfolio and whether they can be used as sources for CCM. Data sources are crucial for the successful deployment of CCM solutions. 

Configuration is key

Ultimately, companies should configure their selected CCM tool to meet the necessary requirements and utilize any gap analysis features to enhance monitoring capabilities. This includes establishing alerts and priorities, integrating them into response procedures and ensuring recipients are informed. Testing should also be conducted to verify proper implementation. In addition, personnel training and pilot programs should be conducted in the production environment. As the final step, implementing the CCM tool should be followed by ongoing monitoring of its performance, coverage, and process integration. The goal is to improve settings and automate compliance reporting effectively continually. 

 

Jie Zhang
Jie Zhang is a VP Analyst at Gartner.

For more op-eds, click here.

Disclaimer: Opinions conveyed in this article are solely those of the author. The information presented in this article is intended for informational purposes only. It does not constitute advice on tax and legal matters; neither are they financial or investment recommendations. Refer to our full disclaimer policy here.