How Cyber Assets Are Like Star Trek's Tribbles Problem

by

Forget Stars Wars and May the Fourth. Star Trek is the best sci-fi show ever created.

Matrix-Star-Wars

When I was in middle school, my science teacher, Mr. B., introduced me to the original Star Trek series. And it had me shook. Ever since, the series has been my standard for real science fiction.

I vividly remember a Star Trek episode called "The Trouble with Tribbles"

Do you remember Tribbles? They are the cute, cuddly, and harmless looking alien species from Season 2 Episode 15. Although adorable, the Enterprise crew discover that tribbles are born pregnant and reproduce at a rapid rate. These cuddly tribbles threaten the entire ship, but fortunately Chief Engineer Montgomery Scott saves the day by transporting all of the furry creatures to a departing Klingon ship.

Why Cyber Assets are like Star Trek's Multiplying Tribbles Problem

These tribbles remind me of cyber assets at most companies:

  • You want them to be small, agile and cute. You see a few AWS accounts here, a GitHub repo, and a few users, but before you realize it your cyber assets are reproducing like crazy and it's destroying everything. You're putting your entire crew in danger!
  • Cyber assets, like tribbles, also consume everything. They eat up a great amount of your resources. Everything from time, space, manpower, productivity, and more is destroyed. The list of operational and maintenance requirements keep expanding, distracting your teams from doing value-add work. 

In other words, you need Chief Engineer Montgomery Scott to come save the day.

58ceso

Why Visibility Into Your Tribbles Problem Isn't Enough

In the age of cloud, cyber assets are increasingly more complex. Instead, we should redefine all assets as:

  • Anything you can draw a box around, specifically any asset that can be software defined. Everything from identities to cloud configurations and repositories fall under this category.
  • More than just IP-based devices. Limiting assets to those things that are addressable by IP or MAC address severely limits the depth of understanding that can be built with interconnected relationships.
  • Software defined and ephemeral. Cyber assets in a modern world don't last long. Actually, if designed properly, you want them to come and go as scale dictates. Managing ephemeral assets with traditional asset management software is a recipe for disaster.
  • Highly complex relationships that connect people, process, and technology. The most important part about cyber assets isn't the asset itself, but it's the asset's relationship to every other asset in the collection. This is where the value really resides. It's time to move on from static lists of asset inventory. Let's start understanding the web of relationships and context of your dynamically changing software-defined cyber assets.

Just like the cuddly tribbles from Star Trek, cyber assets on their own are incapable of directly causing harm. Nonetheless, left unchecked, they could rapidly multiply and devastate entire ecosystems on a planetary (or organizational) scale.

9abec8cd3305126d3dc92aa7bb807ef3

It's no longer enough to just know where all your assets are. Businesses must now reinvent how they track, monitor, and govern a new "cyber asset" collection in order to step up their game to survive in a world overflowing with Tribbles. 

In conclusion: Star Trek fans are the best. Live long and prosper.

 

Note from JupiterOne CMO, Tyler Shields: Star Wars is way cooler than Star Trek. The author of this blog does not represent the entire employee base of JupiterOne and may end up being teleported off of the Enterprise very soon! May the force be with you!

 

Get ahead of your tribbles (aka cyber asset monster) problem today. 

Download the Modern  'Visibility' for Cybersecurity and IT Asset Management Whitepaper.

ITAM banner-01

 

Jennie Duong
Jennie Duong

Director of Product Marketing at JupiterOne. Eternal cynic and privacy advocate. Prior to JupiterOne, Jennie spent the past three years living, traveling, and working abroad across 25+ countries. She consulted and advised for several B2B cybersecurity and cloud startups.

Keep Reading

Proactive IAM Security: Transforming Identity Security with Actionable Insights | Okta Integration with JupiterOne
December 19, 2024
Blog
Unlocking Proactive Security: How Okta and JupiterOne Elevate IAM Insights

Unlock proactive IAM security with Okta and JupiterOne, gaining real-time insights, enforcing least privilege, and reducing risks in dynamic cloud environments.

Transitioning from Vulnerability Management to Exposure Management | JupiterOne
December 13, 2024
Blog
Transitioning from Vulnerability Management to Exposure Management with JupiterOne

Explore Gartner's latest report on Exposure Management and learn how your organization can prioritize vulnerabilities and minimize exposures.

The Ultimate CAASM Guide for 2025 | JupiterOne
November 20, 2024
Blog
The Ultimate CAASM Guide for 2025

Discover how Cyber Asset Attack Surface Management (CAASM) is providing enhanced visibility of internal and external assets in 2025.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.