The recent appointment of John Streufert as a deputy undersecretary for cyber security at the Department of Homeland Security illustrates the importance of continuous monitoring. This approach to IT security involves continuously scanning systems and servers as well as analyzing internet traffic on an ongoing basis so that security issues can be spotted, and solved, before they cascade into true vulnerabilities. Streufert is an expert in such technologies; he put a continuous monitoring system into place at the State Department, receiving accolades from everyone from security professionals to members of Congress.
Private businesses could learn a great deal from the example of DHS in appointing Streufert and from the man himself. It is difficult to understate the essential nature of continuous monitoring in the current phase of the Information Age. The threat environment is evolving at a rapid pace and it is only through proactive procedures that small and medium-sized businesses can keep up.
Unlike the federal government, however, SMBs may have severely limited resources. Certainly, few of them have the kinds of funds needed to assemble IT security teams headed by someone like Streufert. A viable alternative for SMBs is the IT consulting firm, which can help a business to explore its options when it comes to selecting and implementing a system for continuous monitoring of its network and systems. IT consulting firms can advise on software packages or remote IT solutions that are within the price range of an SMB and can offer helpful tips about how to get the most benefit out of whichever solution is eventually selected.