When the concept of “continuous” monitoring of computer systems was advanced back in 2010, it was simple. Take the server down the hall and constantly monitor its IT systems and networks to detect security threats. Jump fifteen years into the future. You have systems bombarded with data, complex network configurations that include hybrid networks, and constant security threats.

Today, we assist federal technology leaders in gaining an understanding of how to deploy the (once simple) concept of continuous monitoring.

Challenges such as evolving threats, data quality, and the need for real-time incident response were addressed.

If Zero Trust posits one must restrict access to a system, how do you monitor traffic that is encrypted? Modern CDM systems can capture, decrypt, and examine what is entering a given network.

Jason Ralph from the Department of Labor has a strategic insight. New CDM tools are being introduced with impressive capabilities. He warns that the unintended consequence of some new tools can be to reduce the ability of older tools.

Many lessons are shared in this discussion. Topics include the importance of having a stable network system before adding tools and the value of community groups that can advance knowledge of appropriate ways to deploy CDM in a federal world.