Continuous monitoring: protecting the enterprise and executive suite.

• Author: Taylor, Patrick
• Position: TECH STRATEGY

Continuous Monitoring (CM) initiatives can be designed and targeted to drive operational efficiency and raise enterprise value in myriad ways for organizations. CM is a technology that inspects every essential financial transaction in near-real time, so executives and business process owners can improve operational efficiency while simultaneously limiting the risk of compliance issues, fraud, error and misuse. Financial executives at many organizations rely on CM to find and fix issues ranging from duplicate payments to travel card abuse.

And yet, CM brings a powerful, additional benefit - one that few financial executives currently appreciate. By ensuring the integrity of financial transactions, CM delivers a final layer of protection for any organization's most valuable online resources--its enterprise resource planning and accounting data.

More importantly, this protection works even when the best traditional network security fails.

HACKERS WILL GET IN

TJX Companies Inc. and Sony Corp's Playstation Network represent just two of the major companies that have found themselves the victims of costly hacking incidents--as well as lurid headlines that lingered for months after the attacks were over.

There are many equally serious incidents that either go unreported or happen to smaller, less newsworthy companies. To many observers, it seems like it's become child's play for online attackers to access even the most sensitive corporate assets.

These penetrations happen even though every major corporation and government agency spends tremendous sums of money on Internet security. Such defenses are robust, sophisticated and layered. They are managed by talented, highly-trained professionals. In truth, the vast number of network security systems work exactly as intended ... yet, the bad guys get through.

According to the American Association of Certified Fraud Examiners, 5 percent of company revenue is lost to fraud, with 80 percent of the loss coming from accounting, operations, sales, executive management, customer service or purchasing. Does this mean that we can't trust our own staff, especially those closest to our most sensitive data? Of course not.

The reality is that a technological solution can only go so far in protecting corporate assets. At some level, there remains a human being in the loop with direct access to core enterprise resource planning and other financial systems. And human beings are notoriously easy to fool into giving away...