Subscribe
About

Why continuous monitoring is a modern cyber security essential

Dillon Peens, Strategic Business Development Manager, Snode Technologies. (Image: Supplied)
Dillon Peens, Strategic Business Development Manager, Snode Technologies. (Image: Supplied)

In the wrong hands, new technologies, like generative artificial intelligence (AI), can help threat actors crack passwords, increase the volume of successful strategies and get around cyber security defences. These tools also make advanced hacking techniques more accessible to less skilled people. “All of a sudden, we’re seeing cyber crime orchestrated by people who would normally have had to collaborate with others to launch sophisticated attacks. This is because everything is now available, for free, online,” explains Dillon Peens, Strategic Business Development Manager at Snode Technologies.

This, he adds, puts additional pressure on businesses to up their cyber game because anyone can be a hacker. Couple this reality with the potential fallout for non-compliance, which can include anything from a hefty fine to the potential restriction of operations, and businesses across all industries need to make cyber security a top priority.

According to the joint standards issued by the Financial Sector Conduct Authority (FSCA) and Prudential Authority (PA), continuous monitoring is a critical component of any effective cyber risk management programme. Continuous monitoring assumes that you are always being tested, which makes it critical to monitor, track and analyse the security status of your systems, networks and data all the time, says Peens. “I like to think of it as being a bit like securing your home. With regular security, you only secure the perimeter, but if someone manages to get over the fence, you have no idea that they’re inside until it is too late. With continuous monitoring, you’ve secured your perimeter but you’ve also hired a security guard to patrol the inside of the property to keep an eye out for any suspicious activity.”

The goal is to detect and respond to security threats and vulnerabilities as they happen, rather than relying solely on periodic assessments (like annual audits or vulnerability scans). When a cyber attack happens in the middle of the night, for example, you would traditionally only find out about it the next morning when you open up your laptop and realise that you’re locked out of your device.

With continuous monitoring, or at least the way we do it at Snode, proactive managed detection and response and continuous threat exposure assessments make it possible to block any malicious activity immediately. “So if the system picks up that the CEO, who generally only logs in from Joburg, is now logging in at 3am out of Switzerland, this activity would be flagged and the account would be isolated to make sure that no one can use it to move laterally across the rest of the business.” When an event is flagged, someone from the security operations centre will review the incident to determine if it needs to be escalated or if it’s a false alarm.

According to Peens, continuous monitoring is also a great tool to keep track of internal activities. “We know that threats don’t always originate from outside the business; they can sometimes come from people on the inside, which is why it’s so important to keep an eye on your internal activities too. “For example, ChatGPT is an incredible tool, but if your teams are using it carelessly and they’re plugging sensitive and confidential data into the large language model, you probably want to know about it.”

Continuous monitoring is a critical component of any proactive defence strategy. By offering real-time visibility into an organisation’s security posture, it helps identify and address threats faster, which limits risk and ensures compliance. The benefits of continuous monitoring – such as reduced impact of attacks and improved situational awareness – make it an essential aspect of any comprehensive cyber security strategy.

Share