In today's issue, I'm diving into a key yet often neglected area of cybersecurity:
Transitioning from a fragmented to a structured approach in cyber asset management.
If you're in cybersecurity, you know managing assets is vital, but often it's not done well.
The Common Misstep
Organizations can't agree on what counts as an asset. It could be anything from hardware, software, to services – basically, anything dealing with data.
This confusion often leads to a messy asset list with mistakes in important details like who owns it, where it is, and what its weaknesses are. While it's a customized approach, it results in disorder and inefficiency.
Before you know it, your asset list is a labyrinth of outdated or missing info. Add in fast-changing tech like cloud services and IoT, and it's even harder to keep up.
A Better Approach: Structured Asset Management
Here are my tips for a more organized system:
1. Redefine cyber assets. Be clear and simple about what counts as an asset for your organization.
2. Use various tools. Different asset types need different tools – like scanners for vulnerabilities and processes for tracking ownership.
3. Embrace the complexity. Accept that modern assets, including cloud and IoT devices, are complex (not event talking about OT). Keep your asset list updated regularly.
4. Use tools properly. Don't misuse tools – like using a vulnerability scanner for asset discovery.
Example: Streamlining Asset Management in a Complex Environment
Say you're managing a network with cloud services, endpoints, and IoT devices. Here's how to apply these steps:
Redefine Cyber Assets
- Start by simplifying what you count as a cyber asset. Maybe it's anything that handles sensitive data.
- Customize this definition for your organization's specific data and security needs. For example, in healthcare, any device dealing with patient info is critical and considered as an asset.
- Regularly update this definition to stay updated with new technologies, business changes and data processing methods.
Integrate Diverse Tools
- Pick tools for each asset type. Use scanners for on-prem IT infrastructure and Cloud Access Security Brokers (CASBs) for cloud assets.
- The real strength comes from how these tools work together. Integrating them, perhaps through APIs, gives a complete and centralized view of your assets.
- Also, streamline the processes linked to each tool. Set regular scanning schedules and real-time monitoring for cloud assets. This ensures efficiency and accuracy.
Tackle the Complexity Head-On
- Recognize the variety of assets, from traditional IT to cloud and IoT. Each needs a specific approach.
- Keep updating your asset list with automated tools for IT and manual checks for things like IoT.
- Educate your team about the different asset types and the need for an up-to-date inventory.
Avoid Misusing Tools
- Use each tool for its designed purpose. For example, use scanners for security checks, not as a backup for asset discovery.
- Recognize these tools' limits. Scanners might not find offline assets or might report false or duplicate assets.
- Supplement these tools with other methods like manual audits or network traffic analysis.
Bringing It All Together
If you're looking to improve your asset management, start with a clear definition of an asset in your setup. Then, use the right tools for each management aspect.
This simplifies your cyber infrastructure, making it more manageable and secure.
With this organized approach and a small shift, you'll have better control over your assets, ensuring a more visibility into security issues.
That's it for this week.
Catch you on the next one.