One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 2990621 |
| Date de publication | 2021-06-28 10:00:00 (vue: 2021-06-28 11:05:45) |
| Titre | Asset management in the age of digital transformation |
| Texte | Over the past year or so, organizations have rapidly accelerated their digital transformation by employing technologies like cloud and containers to support the shift to IoT and address the expanding remote workforce. Visibility Matters: This digital shift calls for a new approach to asset visibility as traditional asset administration responsibilities like inventory, software support, and license oversight are often the purview of IT and addressed with IT inventory-focused tools. Along the way, many organizations have lost control over their IT asset inventory as they rush to adopt new transformation technologies that have blurred the boundaries of their traditional network perimeters. This lack of visibility into an IT environment undermines the foundations of enterprise security and compliance infrastructure and puts an organization at serious risk of a breach. What you don't know can hurt you! Fundamentally, security teams need to monitor IT asset health from a cybersecurity perspective to help detect security tool blind spots and responding to exposures quickly. It isn't easy to secure something in the world of cybersecurity if you don't know it exists. That's why cybersecurity asset management (or CSAM) is a critical component of the foundation of cybersecurity operations across businesses of all types. By providing a security team a real-time directory of IT assets and their associated security risks, CSAM is one of the building blocks of a proactive, end-to-end security strategy. Asset inventory challenges: Overall, the process of getting asset inventory can be cumbersome and time-consuming for an organization, but a few immediate challenges are: Collecting data from multiple sources, especially in a large, distributed environment. Over the past year, organizations have rapidly accelerated their digital transformation by utilizing technologies such as cloud and container that support the shift to IoT and a remote workforce. Many organizations have lost control over their IT asset inventory as they rush to adopt these new strategies that have blurred the boundaries of their network perimeters. Testing/validating compliance More and more compliance / best practices frameworks are moving towards a risk-based or maturity-focused goal. This requires organizations to know where they stand concerning control objectives, not "at some point in time" but rather "at any point in time." Without a comprehensive and almost real-time inventory of all assets within an organization, it is nearly impossible to validate compliance in a programmatic fashion. Implementing cyber asset inventory management To maintain a complete, detailed, and continuously updated inventory of all your IT assets, wherever they reside (on-premises, in cloud instances, or mobile endpoints), you need an automated, cloud-based system that gives you the following capabilities It needs to provide complete visibility of your IT environment – all IT assets include hardware and software It needs to perform continuous and automatic updates of the IT and security data It needs to be rapidly scalable without the need for additional hardware It needs to help highlight and rank the criticality of assets It needs interactive and customizable reporting features so you can slice/dice the data as required and ensure the reporting is consumable across multiple audiences. Cybersecurity is a team sport. Having the ability to identify tooling that can consolidate workloads and meet cross-organizational functional requirements can be a massive win for the organization. Asset management crucial to Zero T |
| Envoyé | Oui |
| Condensat | along ability accelerated across additional address addressed administration adopt age all almost among any applying approach are are: asset assets associated attain audiences automated automatic based best between blind blocks blurred boundaries breach broader building businesses but calls can capabilities challenges challenges: cloud collecting complete compliance component comprehensive concept concerning connections consolidate consumable consuming container containers continuous continuously control critical criticality cross crucial csam cumbersome current customizable cyber cybersecurity data definition desired detailed detect digital directory distributed don't each easy employing end endpoints ensure enterprise environment especially every exists expanding exposures fashion features focused focusing following foundation foundations frameworks from functional fundamentally future get getting gives goal hardware have having health help here highlight how hurt identify immediate implementation implementing impossible include information infrastructure instances interaction interactive interplay inventories inventory iot isn't know lack large learn least license like lost maintain management many mapping massive matters: maturity mean meet mobile monitor more most move moving multiple nearly need needs network new next not objectives often one operations organization organizational organizations over overall oversight part past perform perimeters perspective planning point practices premises prioritization privilege proactive problems process processes programmatic protection provide providing purview puts quickly rank rapidly rather real remote reporting require required requirements requires reside responding responsibilities risk risks rush say scalable secure security sensitivity serious set shift should slice/dice small software some something sources sport spots stand state steps strategies strategy such support system task team teams technologies technology testing/validating than that's these those throwing time tool tooling tools towards traditional transformation trust types typically undermines updated updates users utilizing validate visibility way what when where wherever why will win within without workforce workloads world wrong year your zero |
| Tags | Tool |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.