Monday, March 26, 2012

CAESARS Framework Extension: Continuous Monitoring

You may be familiar with the Continuous Asset Evaluation, Situational Awareness, and Risk Scoring Reference Architecture Report (CAESARS). Trolling through older draft posts I created a few months ago, I ran across this little gem. On the face of it, you might think, "cool!"... until you realize how difficult it *really* is technically to make all of this work. I personally think it's a matter of time. The market needs _something_ delivering real-time feedback.

Lately I've been speaking with people about continuous monitoring using the analogy of SAP's answer to ERP. Walmart's real-time view into their supply and distribution systems is legendary. Hiccup? They're on it.

Remember the 90s? Remember the large-scale SAP implementations that failed? Remember _why_ the implementations failed and how much money it cost the companies that tried? What about the ones that were able to succeed and how much SAP helped with a competitive advantage?

I believe there are lessons to be learned from those times. Remember the buzz acronym BPR? Business Process Re-engineering. Some of the challenges are technical. Some are business related. Alignment, execution, focus, scope, roles, expectations. You may ask, "Are we discussing SAP or CAESARS?" ... Yes.

Now... take a peek into the NIST IR-7756 Continuous Monitoring Framework at http://csrc.nist.gov/publications/PubsDrafts.html. This is very interesting work that is moving in the direction of continuously assessing and providing assurance and remediation for your critical infrastructure. The authors of this version (Peter Mell, David Waltermire, Larry Feldman, Harold Booth, Alfred Ouyang, Zach Ragland, and Timothy McBride) have done a fantastic job of visually communicating the process and integration points.