Qmulos officially announces the launch of the Technical Controls Initiative. This initiative includes vendors from the cybersecurity industry with broad support from our customers in both public sector and the critical infrastructure sectors, with a goal to enable a standards-based capability to enable real time continuous monitoring of an enterprise security infrastructure, automating compliance activities while improving security. Building upon a standards-based framework, Qmulos enables quick time to value for enterprises and agencies working to improve their cybersecurity posture from a risk based perspective, and enable automaton of IT compliance activities based upon real time data.
With the continued increase of threats – criminal and state based – across all sectors, there are increasing regulatory pressure to protect systems from both a security and privacy perspective, to include continuous monitoring of technical controls. Most organizations must adhere to multiple regulatory mandates for cyber-security, and look towards standards-based frameworks to enable a “measure once, report many” to demonstrate compliance against all mandates.
Attempts to achieve this goal have been attempted in the past by legacy IT GRC platforms, yet they did not improve security. Collecting snapshots of security control data such as vulnerability scans and configuration audits provide a point-in-time view of security and compliance posture, but do not address the dynamic nature of enterprise networks, changing threats, and actual risk. As we have seen with recent data breeches from government and industry networks comprising millions of citizens private data and eroding national security, demonstrating compliance without continuous monitoring of the technical controls securing the enterprise provides a false sense of security.
In order to achieve improved cybersecurity for all enterprises in both public and private sector networks, it requires collaboration from leading providers of cybersecurity solutions to enable consistent real-time continuous monitoring of the control effectiveness in terms of an enterprises security architecture. Qmulos, as the leading provider of IT Risk Management solutions, is sponsoring the Technical Controls Initiative by partnering with industry cybersecurity vendors to enable a standards base continuous monitoring of their solutions on a big data platform, providing real security value to the enterprise based upon actual risks, automating IT compliance monitoring and evidence collection, and reducing the cost to the enterprises. Qmulos, as the only vendor providing commercially available solutions for Ongoing Assessment powered by Splunk that are on the Approved Products List for the Continuous Diagnostics and Mitigation (CDM) program, is uniquely positioned to drive this initiative.