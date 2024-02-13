With Chief Strategy Officer servco securitySecurity industry entrepreneur, board advisor, investor and author.

Critical infrastructure organizations are urged to make cybersecurity resiliency a reality by taking proactive steps to prevent cyber incidents, mitigate their impact, and recover systems and operations as quickly as possible. The impetus for the action is the Cybersecurity and Infrastructure Security Agency’s (CISA) Shields Ready campaign, announced in November 2022 to advance its Shields Up initiative in response to the alarming increase of ransomware and other attacks on critical infrastructure. Was. Shields Ready calls on public and private organizations to implement plans by building security and resiliency into facilities, systems and processes. The initiative focuses on identifying critical assets and mapping dependencies, assessing risks, planning and practicing resilience, and adopting and improving security technologies.

The risk to critical infrastructure was recently illustrated by an attack on the Aliquippa Municipal Water Authority in Pennsylvania in which anti-Iranian threat actor Cyber ​​Avengers targeted water monitoring technology manufactured by Israel-based Unitronics. In this case, the water authority averted a risk to public safety by immediately switching to manual operation. But this will not be the last attack and the next attack could be more damaging.

Building Asset Intelligence into Shield

A big part of being “shield ready” is asset intelligence. In increasingly distributed, interconnected cloud-based environments, having a thorough knowledge of your assets and how they relate to each other is critical to cybersecurity and resiliency. The lessons learned by organizations working in shipping and logistics – which make up a large portion of the diverse sectors with critical infrastructure – can be instructive for organizations in any sector.

For example, a cloud-enabled asset intelligence solution might enable a large logistics organization to track its assets and its cloud infrastructure across multiple locations, allowing the company to leverage its other cloud-based security tools. Is available. Such a platform can enable endpoint security, identity management, Active Directory control, firewall management, and visibility into your asset repository. This can help track access by third-party contractors and other partners, ensuring they only access services or systems for which they are permitted. As the environment grows, asset intelligence can collect new data to maintain a complete picture of what is happening in the environment.

A unified asset intelligence solution integration can improve threat management, patch management, and vulnerability scanning, showing which assets are under full control and which have security gaps. Another essential function in changing environments is continuous monitoring, which allows teams to identify changes to an endpoint or network and see its impact on users. Keeping close control over assets also helps when looking for vulnerabilities, for example, identifying when an asset has not been accessed for a long period of time.

Improving asset control contributes to an organization’s security posture, which also helps companies comply with regulations like Sarbanes-Oxley and GDPR.

Evaluating an Asset Intelligence Solution

A comprehensive asset intelligence strategy can provide a variety of benefits, including time savings. For example, when a leading shipping and logistics company had to split a large enterprise into two separate entities, Asset Intelligence accelerated efforts to ensure that assets and software licenses were allocated correctly. and users had appropriate access permissions. When another company was acquired, its asset intelligence platform helped segment its infrastructure, separate assets and domains, and determine which assets belonged in which domains.

When evaluating an asset intelligence solution, make sure it is easy to use, allowing IT team members and others to quickly see insights from the platform without any training. Such platforms can be used by system and network administrators to examine servers and networks, by help desks to examine endpoints, and by infosec teams to assess the enterprise from a risk-based security perspective. Like a company’s CFO, C-suite executives can use the platform for a holistic enterprise view. Finally, the platform’s dashboard should provide users with a quick, comprehensive view showing the devices on the network that need attention and which are functioning correctly.

understanding the challenges

There are challenges in implementing an asset intelligence solution that must be overcome to be successful. Three common challenges include awareness, cost and time.

• awareness: Many IT and security solutions provide some limited level of asset visibility. Some groups may assume the focus is on asset intelligence because the organization already has EDR, IDM, application management, vulnerability management, etc. While these are all valuable solutions, these are actually sources feeding asset intelligence solutions that aggregate, deduplicate, correlate, alert, and more all asset data. There will be a need to raise awareness and educate about the differences.

• Cost: New solutions have costs associated with technology, training, and operations. Conducting an asset intelligence assessment, which is typically free, should result in a report that clearly shows gaps and helps justify the investment. Some of these cost-related gaps include purchasing too many licenses, underdeployment of controls, unnecessary control duplication, and slow and manual processes.

• Time: Organizations are in a state of constant change with mergers and acquisitions, changes in mission, fluctuations in workforce, new technology, and about a million other variables. This helps make the case that asset intelligence will be needed sooner rather than later and that, for example, not having a solution for asset tracking or relying on spreadsheets will not suffice. It’s like asking, “When do I need working headlights on my car?” You should not drive a car with lights on, and you should not operate a company without knowing the condition and appearance of your assets.

conclusion

“You can’t protect what you don’t know” may be an old saying, but it’s lasted so long because it’s true. As critical infrastructure organizations take proactive steps to ensure the security and resiliency of their operations, using asset intelligence to mitigate risks by identifying resources and closing any intelligence gaps is key to building resiliency and keeping your shield ready. One step in complying with CISA guidance.

