“Security monitoring technology continuously logs and analyses data from network points and nodes, enabling security teams to detect and respond to incidents faster. This is crucial, but not the full extent of its usefulness. By offering continuous intelligence from across the network and connected devices, security monitoring also benefits other teams in the business,” says Tony Walt, Co-founder and Director of Port443.
“Comprehensive cybersecurity monitoring includes security information monitoring (SIM) and security event monitoring (SEM) – generally combined as SIEM. It observes areas such as network traffic, endpoint devices, users, and multiple other sources to identify anomalies and raise security alerts. In addition, implementing Security Orchestration, Automation and Response (SOAR) capabilities further enhances the value across all business areas,” Walt says.
“Modern SIEM and SOAR platforms are enriched with user and entity behaviour analytics and monitor user accounts and devices active in the system. The data gathered from continuous monitoring also gives organisations insight into patterns of user and network behaviour, allowing various departments to improve efficiencies and potentially reduce business costs.”
Walt highlights five departments – other than IT security – that can benefit from security monitoring:
1. HR – time and attendance, personal support for hybrid workforces
Comprehensive network and endpoint behaviour monitoring offers transparency to support HR’s time and attendance tracking, allowing for better monitoring of time spent in-office or working remotely. Walt says it also better secures remote workers and supports the trend of offering more personal employee support – without exposing sensitive data.
2. IT – identify shadow and rogue IT
Accounting for 30% - 40% of IT spending in large enterprises, rogue or ‘shadow IT’ is increasing, thanks partly to the ease with which cloud solutions can be procured. Gartner reports that over 40% of employees acquired, modified or created technology outside of IT’s visibility last year. Undocumented APIs are also increasing.
“This increases the risks and costs associated with IT,” Walt says. “With comprehensive visibility into what is running in the environment, IT can reduce vulnerability, improve endpoint detection and response, and shut down unauthorised applications and services.”
3. Finance and business management – cut unnecessary costs
With some surveys estimating that up to half of all software licences are not being used, monitoring and analysing systems and software usage can support IT and software asset management by helping uncover redundant systems, unnecessary subscriptions, wasted licencing and non-compliance with software agreements. “Ultimately, this supports compliance and can help control costs,” Walt states.
4. Marketing – support campaigns and improve data quality
Marketing departments can harness the visibility provided by security monitoring to measure responses to campaigns and check for valid responses. “Getting added visibility into the volumes, patterns and types of traffic can help marketers understand whether responses are valid or have been generated by bots,” Walt notes.
5. Operations and site management
Automated monitoring and alerts can support operations and site management by giving an early warning when sites are up or down due to load shedding. Visibility of every device on the network also helps site managers to identify insecure connected devices and IoT sensors and take steps to reduce the risk associated with these.
Says Walt, “These use cases illustrate that cybersecurity can no longer be seen as an isolated department within the business. Security is the modern business enabler; it touches every department, and the right cybersecurity tools benefit the entire organisation.”
© Technews Publishing (Pty) Ltd. | All Rights Reserved.
printer friendly version