+44 (0)203 88 020 88

Menu

Search

Cyber Security News & Articles

 

Cyber Security
News & Articles

Trusted Cyber Security Experts
25+ Years Industry Experience
Ethical, Professional & Pragmatic

Why Asset Management is important for Cybersecurity

As a security manager you can only protect systems that you know about. Asset Management is the art and science of keeping track of all the devices connected to your network so that you can protect them.

You can’t protect what you don’t track

One of the developments in cybersecurity thinking in recent years has been the realisation that Operational Technology (OT) is just as important as Information Technology (IT).

Operational Technology refers to industrial control systems, intelligent devices and other systems that deliver automated industrial operations – with a focus on the physical processes and devices.  Think manufacturing systems in a cake factory or centrifuges processing radioactive ore in a nuclear facility. OT systems are often networked in order to provide remote monitoring and real time management.

Information Technology refers to computer systems that process information – the desktops, servers and mobile devices we all use every day to write emails and balance budget spreadsheets.

From a cybersecurity perspective, OT systems are just as vital as IT systems but perhaps are a little later to the party for mainstream organisations.  Since the Stuxnet malware was used to target the OT systems which ran part of Iran’s nuclear programme, CISO and security managers have started to worry about the myriad of industrial control systems across their business which were previously ignored by the IT and security teams.  Even for pure knowledge based businesses that do not have factories, the OT systems which control lifts and air conditioning systems could be vulnerable to attack resulting in significant disruption and physical damage to offices and equipment.

What is Cybersecurity Asset Management?

Cybersecurity Asset Management (CAM) provides the processes and policies that manage the life of your enterprises assets both IT and OT, from creation / procurement through to disposal – keeping them secure all the time to prevent their compromise by threat actors.

An effective cybersecurity asset management program ensures that:

  1. Assets are created or procured in a managed way, following an agreed process
  2. Rogue assets are quickly spotted and brought under management for their own protection
  3. All assets remain secure throughout their operational life
  4. End of life assets are decommissioned safely to ensure no data leaks out of the organisation

The scope of the CAM program should include physical and virtual systems as well as cloud-based assets such as S3 buckets and serverless databases.  Assets is often a synonym for a server or network device, but it can also refer to datasets on those devices.

How to Implement Cybersecurity Asset Management

An effective cybersecurity asset management program will need to include the following steps

Get to know your estate

Asset management is a bit like being a shepherd – the first step is to count the number of sheep in your flock, only then will you be able to tell if one goes missing or if an interloper sneaks into the sheepfold.  So the first step to establish a CAM program is to inventory your network in order to identify every device connected to it.  Usually this makes use of some form of scanning tool but physical inspection may also be required (for example if some devices have been security hardened and they do not respond to network scans).

Once the initial asset inventory has been compiled, it is vital that it is regularly maintained both to track authorised changes (via your Change Management process) but also to identify rogue or unexpected assets that appear on the network.  For cloud environments, obtaining access to the master subscriptions that your organisation maintains with the cloud hosting companies can be a simple and effective way to check for new asset creation – as they will show up on the invoice.

Find the owners

For every asset identified in your inventory, locate the owner of that system and identify who is responsible for vulnerability management and maintenance of the asset.  This will both ensure vulnerabilities are being addressed and ensure maintenance can be scheduled with the owner’s permission.

With input from the owners, assets can then be categorised or ranked to identify their importance to the organisation.  Knowing the criticality of the asset allows you to prioritise resources and schedule vulnerability remediation to protect the most valuable assets first.

Maintain your asset register

Having created your asset list, it is important to keep it up to date as it is needed by other important processes. For example, if you use vulnerability scans to help ensure all your systems are patched and up to date you also need to be confident that your scans are including every system on the network and not missing some out by accident. So effective vulnerability scanning requires an up-to-date asset list of systems to scan.

The two key tools for keeping the asset register are to date are:  running regular discover scans (using NMAP or a similar tool) to spot devices joining or leaving the network and by linking into your Change Management process in order to spot the commissioning and decommissioning of systems.

Actively maintain your asset register not only makes it much easier to spot shadow IT systems created by your business but also to promptly spot the arrival of malicious devices onto your network so they can be isolated and removed.

Safe and Effective Disposal

When an asset reaches its end-of-life, it must be decommissioned and disposed of safely in order to ensure no residual data remains on the asset and leaks out of the organisation.

Keeping assets around that have served their purpose or reached their end of life can become a vector of attack or vulnerability if the no longer receive vendor support or stop being regularly used which reduces the likelihood of someone spotting abnormal behaviour.

Assets need to be cleansed before their leave your organisation – having their data and configuration wiped so as not to leak any information that could be useful to a threat actor.  If it is not possible to wipe the device, then physical destruction may be the only secure means of disposal.

 

Security Managers know that you cannot secure what you cannot see, and a Cybersecurity Asset Management program is the way you can bring visibility to all the assets under your protection and monitor them through their entire operational life.

Subscribe to our monthly newsletter today

If you’d like to stay up-to-date with the latest cyber security news and articles from our technical team, you can sign up to our monthly newsletter. 

We hate spam as much as you do, so we promise not to bombard you with emails. We’ll send you a single, curated email each month that contains all of our cyber security news and articles for that month.

Why Choose SecureTeam?

Customer Testimonials

“We were very impressed with the service, I will say, the vulnerability found was one our previous organisation had not picked up, which does make you wonder if anything else was missed.”

Aim Ltd Chief Technology Officer (CTO)

"Within a very tight timescale, SecureTeam managed to deliver a highly professional service efficiently. The team helped the process with regular updates and escalation where necessary. Would highly recommend"

IoT Solutions Group Limited Chief Technology Officer (CTO) & Founder

“First class service as ever. We learn something new each year! Thank you to all your team.”

Royal Haskoning DHV Service Delivery Manager

“We’ve worked with SecureTeam for a few years to conduct our testing. The team make it easy to deal with them; they are attentive and explain detailed reports in a jargon-free way that allows the less technical people to understand. I wouldn’t work with anyone else for our cyber security.”

Capital Asset Management Head of Operations

“SecureTeam provided Derbyshire's Education Data Hub with an approachable and professional service to ensure our schools were able to successfully certify for Cyber Essentials. The team provided a smooth end-to-end service and were always on hand to offer advice when necessary.”

Derbyshire County Council Team Manager Education Data Hub

“A very efficient, professional, and friendly delivery of our testing and the results. You delivered exactly what we asked for in the timeframe we needed it, while maintaining quality and integrity. A great job, done well.”

AMX Solutions IT Project Officer

“We were very pleased with the work and report provided. It was easy to translate the provided details into some actionable tasks on our end so that was great. We always appreciate the ongoing support.”

Innovez Ltd Support Officer

Get in touch today

If you’d like to see how SecureTeam can take your cybersecurity posture to the next level, we’d love to hear from you, learn about your requirements and then send you a free quotation for our services.

Our customers love our fast-turnaround, “no-nonsense” quotations – not to mention that we hate high-pressure sales tactics as much as you do.

We know that every organisation is unique, so our detailed scoping process ensures that we provide you with an accurate quotation for our services, which we trust you’ll find highly competitive.

Get in touch with us today and a member of our team will be in touch to provide you with a quotation. 

0

No products in the basket.

No products in the basket.