Continuous monitoring (CM) continues to be a hot topic in the information assurance world. DHS CDM and CMaaS purchases and planning continue to lumber forward. Version 2 of our CM solution will launch this year and reflects the latest thinking in CM risk scoring and presentation.
So, I wanted to make some updates to a three-part blog on continuous monitoring I did last year.
I have decided to create a three-part series of white papers on the subject to allow for greater detail and to include some reference tables. There were a lot of things I couldn’t cover in enough detail and some new developments have unfolded in the meantime.
Part 1 covers common misconceptions and provides definitions, an introduction and brief history of CM and is available here.
Part 2 in this series will address monitoring strategy including the frequency and method of assessments, and will be available in early June.
Part 3 will cover strategies for managing assessment costs and will be available in late June.
Lastly, there is still plenty of time to register for RSA Archer’s 2014 GRC Summit. I will be at the summit, giving demonstrations of our forthcoming A&A and CM version 2 solutions. Hope to see you there!
As always, please email me with comments or questions