In 2010, the U.S. government changed its security approach from periodic assessments to continuous monitoring. This new approach is called Continuous Diagnostics and Mitigation (CDM). “Continuous” in this sense doesn’t necessarily mean 24x7; instead, it means recurring assessments at an interval commensurate with the value of the information and the estimated level of risk. Federal publications provide guidelines for determining the frequency of assessment, based on criteria such as security control volatility, system impact levels in terms of function protected, and any identified weaknesses.
https://vshow.on24.com/vshow/govloop6/content/984318
Cybersecurity
Sales Brief