An open RDP port that's been found in the KYND report is being actively monitored. Is that secure?

Monitoring and logging is good security practice however it is not a mitigation measure. “Block after x attempts” mechanisms are also not mitigation measures due to spoofing and botnet attacks. 

Valid mitigation measures are necessary to secure this vulnerability as it is a common vector of attack. We advise limiting access to the port through firewall rules and preferably placing this behind a VPN.