Why your Cybersecurity Organization is Relying More on IT Asset Management
The IT Asset Management practice is becoming more involved with cybersecurity programs. This article explores why this need is increasing.
In the early days, the IT Asset Management (ITAM) practice was usually seen as a financial function to control the expenditures related to hardware and software. In more recent times, cybersecurity teams have turned their eyes to the valuable data the ITAM organization can provide. A mature ITAM program is ready to provide the data that cybersecurity needs to excel in the prevention of security breaches. “You cannot secure what you don’t know you have”.
With companies moving to the digital age and using cloud services for Product as a Service (PaaS) and Software as a Service (SaaS), it has become imperative for ITAM groups to look for solutions to know what the company owns in the cloud, whether it is computer resources or software services. Cost control is one of the primary functions that requires knowing what we use in the cloud, from virtual servers to licensing or subscriptions for software as a service.
A poor or incomplete inventory that does not include cloud resources, remote assets, applications, etc. will not provide a solid base for the cybersecurity program. This leads to incomplete or inadequate security initiatives that tend to be reactive rather than proactive.
Popular cybersecurity standards and frameworks include the need for an accurate inventory in their recommendations, and it is included in the ISO 27001 certification.
The Center for Internet Security also lists hardware and software inventory as the first two security controls an organization must implement. Those are:
• CIS Critical Security Control 1: Inventory and Control of Enterprise Assets
• CIS Critical Security Control 2: Inventory and Control of Software Assets
Both security controls aim to provide the base for additional security activities such as vulnerability management, where vulnerability scanners obtain the IP addresses of objects connected to the network that require attention. There is always a need to know all the available data for records found to have vulnerabilities. Other tools, like active discovery, which reviews network traffic, provide good insight into what is in the network, and they will always need to consult additional details of those objects from the asset management database or configuration management database (CMDB).
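The reconciliation described above, as an added example that is not part of the original article: scanner results keyed by IP address are joined to CMDB records to attach an owner, and mismatches in either direction are reported. The record fields, asset IDs and addresses are constructed sample data, not any product's schema.

```python
import ipaddress

# Constructed sample data; field names are assumptions, not a real CMDB or scanner schema.
CMDB = [
    {"asset_id": "A-001", "ips": ["10.0.1.10"], "owner": "payments", "status": "active"},
    {"asset_id": "A-002", "ips": ["10.0.1.11", "10.0.2.11"], "owner": "hr", "status": "active"},
    {"asset_id": "A-003", "ips": ["10.0.3.5"], "owner": "it-ops", "status": "retired"},
    {"asset_id": "C-100", "ips": ["172.16.0.4"], "owner": "web", "status": "active"},
]
SCAN = [  # one row per host the scanner reached; "issues" may be empty
    {"ip": "10.0.1.10", "issues": ["outdated TLS library"]},
    {"ip": "10.0.2.11", "issues": ["missing OS patches"]},
    {"ip": "10.0.3.5", "issues": []},
    {"ip": "10.0.9.99", "issues": ["default credentials"]},
]

def index_by_ip(cmdb):
    """Map every normalized IP to its CMDB record (an asset may hold several IPs)."""
    index = {}
    for rec in cmdb:
        for ip in rec["ips"]:
            index[str(ipaddress.ip_address(ip))] = rec
    return index

def reconcile(scan, cmdb):
    """Enrich findings with CMDB ownership and report inventory mismatches."""
    index = index_by_ip(cmdb)
    report = {"enriched": [], "unknown": [], "retired_but_live": []}
    seen_assets = set()
    for host in scan:
        ip = str(ipaddress.ip_address(host["ip"]))
        rec = index.get(ip)
        if rec is None:                      # on the network, not in the inventory
            report["unknown"].append(ip)
            continue
        seen_assets.add(rec["asset_id"])
        if rec["status"] != "active":        # inventory says gone, network says present
            report["retired_but_live"].append(rec["asset_id"])
        for issue in host["issues"]:
            report["enriched"].append({"ip": ip, "issue": issue,
                                       "asset_id": rec["asset_id"], "owner": rec["owner"]})
    # Active inventory items the scanner never reached: a coverage gap, not a clean result.
    report["never_seen"] = sorted(r["asset_id"] for r in cmdb
                                  if r["status"] == "active" and r["asset_id"] not in seen_assets)
    return report

if __name__ == "__main__":
    for section, rows in reconcile(SCAN, CMDB).items():
        print(section, rows)
```
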
Inventory processes are becoming more complex tasks. When processes were on-premises, the security of the network was based on securing the premises to avoid threats from the outside. This is no longer the case, with organizations leveraging third-party cloud services for PaaS and SaaS, remote workers, and mobile devices.
To whom should the organization entrust the task of gathering all the needed inventory? Is it worth giving the ITAM organization more powerful tools to boost the value they must provide as a single source of truth? Who will give better insights, the ITAM organization or cybersecurity? These are, in essence, the questions CIOs must answer to establish sound control of their assets.
These questions pertain to the fight to tear down silos. Silos are bad for the organization and catastrophic for cybersecurity. Breaking down the silos between ITAM and cybersecurity will enable collaboration in both directions. Always remember, your mission to have an accurate and complete inventory is the foundation that tells cybersecurity what to protect.