Continuous Monitoring: Retail's 2015 Survival Guide

OVERLAND PARK, KS–(Marketwired – April 30, 2015) – Survive and adapt. Following the rash of breaches in 2014, is this really what the plan should be for retailers in 2015? Survival implies the odds are not in your favor. It is, at times, synonymous with being hunted. If all someone does is play defense, it is very difficult to turn the tables in their favor.

Last year was a wake-up call for most industries to assess their vulnerability to cyberattacks. It also revealed that defensive, reactionary methods for security cannot solely be relied on. It was displayed on the world stage that these methods fell short and need to be bracketed with proactive, assertive ones. Techniques that turn the hunter into the hunted.

Continuous monitoring provides this answer. It puts organizations on the offensive by not only actively searching for weaknesses in their defense, but also hunting for threats within their systems. Unfortunately, research conducted by the Ponemon Institute sheds light on the irregularity and scarcity of these efforts by organizations today.

Through continuous monitoring of systems, retailers (and anyone else who utilizes such practices) will greatly mitigate their chances of falling victim to cyberattacks. Continuous monitoring is like having cybersecurity guards walking the perimeter of an organization’s systems at all times. Weak points or holes in the defense are going to be uncovered and malicious threats that did somehow penetrate the defenses can be quickly discovered. This allows swifter remediation actions for improving security. Potential attacks are neutralized; damage is mitigated.

This challenge of continuous monitoring is cost. It is no small undertaking for any organization. If left to conventional methods, the resources necessary to effectively run these processes and monitor the results can seem unobtainable. However, with the implementation of a governance solution to manage risk, compliance and security activities (a GRC solution for short), these processes can become more efficient and streamlined, therefore requiring fewer resources.

With a GRC solution, such as LockPath’s Keylight platform, data from all vulnerability scanners, webapp scanners, SIEMs, and log files is centralized and correlated. This data can then be more contextually reported via dashboards, allowing risks and trends to be identified. Once these risks are identified and documented, they can be prioritized with assigned remediation workflow to begin mitigation.

There needs to be a paradigm shift in how organizations approach information security. Behind us are the days of the “see-detect-arrest” methodology. As the landscape and makeup of threats evolve, it will be impossible to stay ahead of blackhats by utilizing wholly defensive measures.

Continuous monitoring effectively arms organizations with the ability to become the hunter of threats. GRC solutions alleviate the amounts of resources necessary for these organizations to go on the offensive with continuous monitoring. The future will call for the implementation of two-pronged approaches to information security. Methods combining defense and offense. Ones that turn the prey into the predator.

About LockPath
LockPath is a market leader in corporate governance, risk management, regulatory compliance (GRC) and information security (InfoSec) software. The company’s flexible, scalable and fully integrated suite of applications is used by organizations to automate business processes, reduce enterprise risk and demonstrate regulatory compliance to achieve audit-ready status. LockPath serves a client base of global organizations ranging from small and midsize companies to Fortune 10 enterprises in more than 15 industries. The company is headquartered in Overland Park, Kansas.

Image Available: http://www.marketwire.com/library/MwGo/2015/4/27/11G039711/Images/Continuous_Monitoring-1385191272997.jpg