Cybersecurity

One Small Shift for Better Asset Management

Explore a structured cyber asset management approach to replace chaos with clarity in today's cybersecurity strategy. Vital tips for secure IT setups.

2 min read
asset management cybersecurity nikoloz kokhreidze mandos

In today's issue, I'm diving into a key yet often neglected area of cybersecurity:

Transitioning from a fragmented to a structured approach in cyber asset management.

If you're in cybersecurity, you know managing assets is vital, but often it's not done well.

💡
Here's the thing: managing these assets is key for a stable, secure IT setup. But it's tricky, as there's no clear consensus on what exactly a "cyber asset" is.

The Common Misstep

Organizations can't agree on what counts as an asset. It could be anything from hardware, software, to services – basically, anything dealing with data.

This confusion often leads to a messy asset list with mistakes in important details like who owns it, where it is, and what its weaknesses are. While it's a customized approach, it results in disorder and inefficiency.

Before you know it, your asset list is a labyrinth of outdated or missing info. Add in fast-changing tech like cloud services and IoT, and it's even harder to keep up.

A Better Approach: Structured Asset Management

Here are my tips for a more organized system:

1. Redefine cyber assets. Be clear and simple about what counts as an asset for your organization.

2. Use various tools. Different asset types need different tools – like scanners for vulnerabilities and processes for tracking ownership.

3. Embrace the complexity. Accept that modern assets, including cloud and IoT devices, are complex (not event talking about OT). Keep your asset list updated regularly.

4. Use tools properly. Don't misuse tools – like using a vulnerability scanner for asset discovery.

Example: Streamlining Asset Management in a Complex Environment

Say you're managing a network with cloud services, endpoints, and IoT devices. Here's how to apply these steps:

Redefine Cyber Assets

Integrate Diverse Tools

Tackle the Complexity Head-On

Avoid Misusing Tools

Bringing It All Together

If you're looking to improve your asset management, start with a clear definition of an asset in your setup. Then, use the right tools for each management aspect.

This simplifies your cyber infrastructure, making it more manageable and secure.

With this organized approach and a small shift, you'll have better control over your assets, ensuring a more visibility into security issues.

That's it for this week.

Catch you on the next one.

Share This Post

Check out these related posts

3 Critical Steps to Build an Intelligence-Led SOC

  • Nikoloz Kokhreidze
by Nikoloz Kokhreidze | | 5 min read

Choosing a Security Operations Center: In-House, Hybrid, or Outsourced

  • Nikoloz Kokhreidze
by Nikoloz Kokhreidze | | 14 min read

The Perils of Platform Dependence: Lessons from the Great CrowdStrike Meltdown

  • Nikoloz Kokhreidze
by Nikoloz Kokhreidze | | 9 min read