The global pandemic forced organizations to rapidly accelerate their digital transformation. As a result, nearly overnight, companies spanning all sizes and sectors deployed technologies like cloud and containers to support the shift to IoT and address the remote workforce.
While this digital shift is widely talked about, one of the often-overlooked repercussions of such rapid transformation is the need for a new approach to asset visibility. Traditional asset management responsibilities, such as inventory, software support, and license oversight, are usually addressed with IT inventory-focused tools.
Now, many organizations are feeling like they’ve lost control over their traditional IT asset inventory as new technologies have blurred the boundaries of network perimeters. This lack of visibility is a major security risk and must be addressed by a renewed approach to asset management.
More data, more problems: Top asset inventory challenges
Cybersecurity asset management (CSAM) should be the primary foundation for IT security operations across businesses. CSAM provides security teams with a real-time directory of IT assets and their associated security risks, making it the building block of a proactive, end-to-end security strategy.
With CSAM in mind, let’s consider the cumbersome, time-consuming process of conducting a proper asset inventory. A few immediate challenges include:
Collecting distributed data from multiple sources
With the introduction of cloud and container technologies, a vast amount of data now resides across multiple sources. This large, distributed work environment that has become the norm during COVID-19 brought with it an immense challenge in trying to locate and secure all data.
Validating compliance regulations
Increased compliance regulations and best practices-inspired frameworks, such as the Cybersecurity Maturity Model Certification (CMMC), are moving towards risk-based or maturity-focused goals.
This requires organizations to understand their approach to control objectives not just “at some point in time” but rather “at any point in time.” To achieve such a posture, security teams need a comprehensive, near real-time inventory of all assets within an organization, as it is nearly impossible to validate compliance in a programmatic fashion.
How to approach implementing cybersecurity asset management
When getting started with CSAM, security teams should look to an automated, cloud-based system that allows them to maintain a complete, detailed, and continuously updated inventory of all IT assets, wherever they reside, including on-premises, in cloud instances, or mobile endpoints. The following capabilities must also be considered in such a cloud resource:
- It needs to provide complete visibility of an IT environment – all IT assets include hardware and software
- It needs to perform continuous and automatic updates of the IT and security data
- It needs to be rapidly scalable without the need for additional hardware
- It needs to help highlight and rank the criticality of assets
- It needs interactive and customizable reporting features so you can slice/dice the data as required and ensure the reporting is consumable across multiple audiences
Today, organizations must operate with a security-first mindset, which means all employees have a shared responsibility in ensuring the company is operating as securely as possible. This includes helping with CSAM – through appropriate cloud-based systems, employees will have the ability to consolidate workloads and meet cross-organizational functional requirements, which is a significant win for the organization.
Asset management in the wake of zero trust
Zero trust has garnered significant attention in the wake of large-scale cybersecurity incidents. Now more than ever, organizations are turning to the “trust no one” approach to better secure their assets, and one of the most critical steps for planning a successful zero trust implementation is to have updated asset inventories. The asset inventory should include all hardware, software, network connections, users, data, and processes.
By focusing on assets, an organization can set sensitivity and prioritization on those assets that require the most protection and security. Once that is complete, the organization should move onto mapping all assets and the interplay between each. Here, security leaders will be applying the concept of least privilege to every interaction among assets, which is no small task, but necessary to achieve zero trust.
Major disruption and innovation, which occurred during the height of COVID-19, requires organizations to rethink outdated approaches to business operations, especially when it comes to cybersecurity.
Traditional asset management must evolve to locate data spread across various technologies, including the cloud and containers, while also adhering to modern-day frameworks and compliance requirements.
CSAM should be a top priority across organizations today, as only through a thorough understanding of where all IT assets live across multiple ecosystems can a company be better prepared to combat the threats of tomorrow.
from Help Net Security https://ift.tt/3xdavnn
0 comments:
Post a Comment