InformationWeek: The Business Value of Technology

When it comes to monitoring, the application space is often forgotten. This leaves a gaping hole because the behavior of applications can reveal a great deal about security events and their causes. The inherent variability of applications can make monitoring a challenge, but enterprises can ­extend existing tools to include the applications space. In this report, we make the case for the development of an applications monitoring ­strategy and provide recommendations for implementation that tap into existing products and processes.

The use of network monitoring tools in a security context can help companies fill gaps in protection as well as identify potential ­problems. Companies that aren’t using network ­monitoring tools may find it easier to justify their use and cost when security ­capabilities are figured into the mix.

Organizations challenged by meeting the requirements of multiple regulatory mandates are increasingly looking at the alignment of governance, risk and compliance under a unified framework, GRC. 

In this report, we examine where the security professionals figure into the mix and recommend the steps organizations should take to align IT GRC with existing security programs and processes.

Hacktivists and cybercriminals pose the greatest threats to federal agencies. The feds are fighting back with continuous monitoring.

Cybercriminals, insiders and foreign states are the most serious threats to government systems, according to our 2012 Federal Government Cybersecurity Survey. Agencies say they're prepared, but huge challenges remain.