Improve Visibility in Cyberattacks with Cybersecurity Asset Management
Published 08/24/2022
Originally published by Axonius here.
Written by Kathleen Ohlson, Axonius.
Google issued three emergency security updates, in as many weeks, to all of its 3.2 billion users of its Chrome browser. One was for a high-severity zero-day vulnerability that attackers exploited.
Okta’s platform experienced a targeted security attack when someone tried to access the account of a third-party customer support engineer.
The Office of Civil Rights in the U.S. Department of Health and Human Services noted 256 hacks and information breaches to healthcare systems from January–June 2022, up from 149 during the same period in 2021.
These are some of the attacks that occurred in the first half of 2022. Out of 817 data compromises that were publicly reported, about 87% were due to a cyberattack, according to the Identity Theft Resource Center. The nonprofit organization found phishing to be the number-one root cause of these compromises.
The Levels of Complexity
The amount of cyberattacks — and their scale and financial impact — will only continue to wreak havoc on organizations as cybersecurity and IT professionals continue to evaluate and revamp their approach to managing and protecting all of their assets.
And as these professionals do so, one of the biggest challenges in today’s IT environments is how difficult these assets are to inventory. This task requires a lot from teams.
There are all of these devices, cloud services, software, and users — and trying to track them manually brings the complexity to another level. It takes about 86 hours on average to develop an asset inventory, using about eight tools that likely weren’t even built for the task in the first place.
These past few years only added to the workload — and stress — of cybersecurity and IT professionals. Seventy-two percent of survey respondents said their IT environments are more complex now than they were two years ago, according to “Cybersecurity Asset Management Trends 2021.”
The survey, conducted by Axonius, reported respondents experienced more visibility gaps into these areas:
- 79% with their cloud infrastructure
- 75% with end-user devices
- 75% with IoT devices
In time, that lack of visibility really starts to add up. The average cost of a successful breach is now $4.24 million — the highest ever recorded, according to the 2021 Cost of a Data Breach Study, conducted jointly by IBM and the Ponemon Institute.
Then there's the cost to the bottom line. For 44% of global mid-sized and large enterprises, one hour of downtime potentially costs their businesses over $1 million, according to respondents in ITIC’s 2022 Global Server Hardware Survey. The hourly cost of downtime now surpasses $300,000 for 91% of small-to-medium businesses and large enterprises.
Needless to say, this adds pressure to IT and cybersecurity teams.
How can they get more visibility into their environments to keep their organizations protected?
More Visibility for a Stronger Security Foundation
Understanding what’s happening at all times with every asset is foundational. A comprehensive asset inventory ensures IT and cybersecurity professionals know what they have to make smart decisions. It helps them have more visibility, strengthening their overall security program.
This is where cybersecurity asset management platforms come in.
These platforms track all devices, cloud services, software, and users no matter where they’re located, or their uptime or power state. They do this by leveraging existing data continuously in real time. The best cybersecurity asset management platforms provide an always up-to-date inventory, so IT and cybersecurity professionals can see where these security gaps are and initiate automatic responses when an asset or user deviates from policies.
And the top platforms do all this automatically in the background, IT and cybersecurity teams move away from the repetitive, manual tasks of asset inventory to be more proactive. With a cybersecurity asset management platform, teams have more visibility into what’s happening in their IT environments, allowing them to mitigate threats, navigate risks, and decrease security incidents with confidence.
Related Articles:
Why Application-Specific Passwords are a Security Risk in Google Workspace
Published: 11/19/2024
Group-Based Permissions and IGA Shortcomings in the Cloud
Published: 11/18/2024
9 Tips to Simplify and Improve Unstructured Data Security
Published: 11/18/2024
Zero Standing Privileges (ZSP): Vendor Myths vs. Reality
Published: 11/15/2024