The importance of asset inventory in cybersecurity
Gaps in digital inventory can increase an organization’s risk of suffering a cyberattack and hinder the recovery process.
Asset management is critical to a robust cybersecurity program. Gaps in inventory, for both on-premises assets and cloud resources, can leave you with exposed attack surfaces, and slow down detection and response capabilities.
The past two years of pandemic-driven remote work have led to decreased interdepartmental communication and, in many organizations, less oversight overall. Today, the likelihood that an organization has an incomplete asset inventory is greater than ever.
When we talk about asset inventory in the context of cybersecurity, we’re talking about everything that is connected to the network and everything connected to the internet. This can include hardware, software, devices, data, cloud environments, IoT devices and the Industrial Internet of Things (IIoT).
Another way to consider these assets is as your attack surface — the number of all possible points, or attack vectors, where an unauthorized user can access a system and data. When organizations don’t know the full scope of assets they have or the state of these assets that is a gap in inventory. These gaps can leave your organization vulnerable.
Why are gaps in inventory such an issue for organizations?
Gaps in inventory are an issue because they increase an organization’s risk of suffering a cyberattack and because when such attacks do occur, the resulting investigation and recovery is far more challenging, time consuming and costly.
We cannot secure an IT resource if we don’t know that it exists. Not maintaining up-to-date patching schedules leaves assets vulnerable to malicious activity — and this in turn increases an organization’s exposure to cyberattacks.
When companies don’t know how many machines they have, or when they fail to remove out-of-date systems and accounts in a timely fashion, it’s easier for an attacker to hide and it takes longer to contain an incident. Unknown assets mean unfound risks and exposures.
What are some of the factors that drive gaps in inventory?
There are many factors that drive gaps in inventory and organizations understandably may not be able to address all of them, all of the time.
The first factor that we see often is employee turnover. It can take time to hire replacements when employees leave an organization, and their responsibilities might not be sufficiently delegated to other team members in the meantime.
Not only do employees take important institutional knowledge with them when they depart, but their accounts may not be fully disabled when they leave the company, often because “it might break things.”
The second factor that can drive gaps in inventory is remote working. With so many employees working from home, companies don’t always know who is accessing their systems. More people have email on their phones, or may connect to an unsecured network, or may even send company data to their personal email or computers. This all makes it challenging for companies to stay on top of their assets.
A lack of resources is the third factor that we regularly see. Many organizations don’t have the budget to dedicate employee resources to analyzing, monitoring and maintaining their inventory. It’s not uncommon for companies to be unable to afford the appropriate tooling to conduct attack-surface monitoring.
Regardless of the reason, the end result is the same: Gaps in inventory leave an organization’s assets vulnerable to skilled criminals.
This is not just a technology issue — it’s about people and processes
Even if an organization is fortunate enough to have a massive budget, its people must put in the work to know what assets they have and divide the responsibilities for managing those assets appropriately. The key is having leadership in place that understands the importance of asset management, knows how to maximize the technology they have or are likely to purchase and is willing to execute consistently.
Ultimately, this is not just about the budget and tools. It is about culture and having a team of people that are dedicated and accountable. Educating your employees about issues like asset management and building a culture that is motivated to eliminate any gaps in inventory will go a long way toward protecting your organization against the risk of cyberattack.
Tasha Fasce is a cyber services manager at Beazley.
Opinions expressed here are the author’s own.
Related: