Many cybersecurity frameworks, including NIST CSF, require information security continuous monitoring (ISCM). Additionally, some laws and regulations such as FISMA, GDPR, SOX, and PCI DSS require security continuous monitoring.
We recommend that you implement ISCM practices to monitor critical security and system areas that could compromise your organization's operating system environment, external security manager, and customer data. Doing so reduces your risks and aligns with legal and regulatory requirements.
For more information, see Top Secret STIG Articles by Findings.
------------------------------
Scott Bohnert
Staff Technical Writer
Broadcom
------------------------------