When implementing our own, in-house, computer systems, we know that it isn’t sufficient to just build in beautiful security processes and controls and then leave them to work their magic. Good security requires continuous monitoring to determine when those controls need to be adapted to meet new environments or new threats. Monitoring may even be able to detect problems before they occur, or at least significantly reduce their impact when they do.