This is the first in a three-part blog series by Enterprise Management Associates (EMA) discussing how vulnerability management can be expanded and simplified by using a cybersecurity asset management solution. Part one of the series focuses on defining the cybersecurity asset management solutions category and includes a summary definition of vulnerability management.
Security and compliance vendors are always looking to solve problems — sometimes, problems an organization didn’t even know it had. Occasionally, there are problems complicated enough that even when an organization discovers the problem, there isn’t a reasonable solution for it. One of these types of problems is asset management. How can an organization gain and maintain a true accounting of every technology asset in its infrastructure?
Various manual office productivity tools have existed for some time. For example, glorified spreadsheets have been used to catalog devices and user assets — with marginal success. However, these methods have always been inaccurate, laborious, and prone to human error. Further, these methods don’t allow asset owners and business decision-makers to understand the potential cybersecurity impacts associated with any specific asset, let alone see the interconnections between assets and the downstream risks of a system vulnerability.
Cybersecurity Asset Management: Key Use Cases
The emergence of cybersecurity asset management solutions elevates the process of identifying and tracking technology assets from an additional column on a bookkeeper’s spreadsheet to a core security function. Such solutions allow businesses to discover, catalog, and map technology-related asset data (with a primary focus on devices, cloud instances, and users), correlate it with vulnerability information, and surface problems or potential problems related to cyber risk. Cybersecurity asset management solutions often complement the following use cases:
- Asset Inventory and Management – At the most foundational level, organizations need to know the users, devices, cloud instances, and SaaS applications used throughout the organization that require cybersecurity oversight and/or governance.
- Vulnerability Management – Organizations must understand which assets may be vulnerable to exploits and ensure all assets are analyzed for vulnerabilities.
- Detection and Response – Security and tech teams must ensure detection and response capabilities provide coverage across the enterprise.
- Incident Response – Enriched, correlated data about assets should be used to expedite incident response investigations and remediation.
- Cloud Security – Businesses must have assurance that cloud instances are secure and configured to prevent overly permissive access rights, even when they’re commissioned and decommissioned rapidly.
- Continuous Control Monitoring – Security, IT, and audit teams need to be able to easily and rapidly identify when security controls are missing.
- Regulatory Compliance – Enterprises must have the ability to audit and enforce cybersecurity compliance mandates related to assets and their use.
Using a cybersecurity asset management tool to understand the assets in an enterprise environment is one of the first steps in vulnerability and risk management processes. Vulnerability management, which is the process of finding, assessing, remediating, and mitigating security weaknesses for known assets, gives enterprises the ability to assess the status and risk of unknown devices. Vulnerability assessment, the process of identifying vulnerabilities in assets, is often used interchangeably with vulnerability management. However, assessments are just tools that inform vulnerability management which, in turn, is an input to enterprise risk management.
As a main component of cybersecurity asset management, vulnerability management is essential. Yet, vulnerability management is a struggle for most enterprises for three primary reasons:
- There are usually more vulnerabilities than time or resources available to remediate
- It’s often unclear which vulnerabilities need to be remediated first (which ones are the highest priority to remediate)
- The constant discovery of new vulnerabilities and new assets often means that remediation efforts are nearly impossible to control
Fortunately for the enterprise, tools exist that can help make sense of the myriad vulnerabilities, simplifying vulnerability management and making it more actionable.
The real-time, comprehensive catalog of assets (and associated data) that cybersecurity asset management tools provide allows enterprises to enhance their vulnerability management approach in multiple ways.