Cyber asset management is an essential part of any enterprise’s comprehensive cybersecurity strategy. Choosing the right solution is just the first step in establishing an effective program, yet choosing the wrong solution can have lasting effects on your entire cybersecurity posture.
The right solution gives you the visibility into your cyber asset inventory and risks associated with your cyber assets necessary to base your cybersecurity decisions on. It also presents an important investment in your cybersecurity efforts, which requires you to know what questions to ask as you’re considering the options.
These five questions will help guide your search and help you find the cyber asset management solution that will supercharge your enterprise’s security and resilience to attacks.
Is the solution question-based?
Getting insights out of your cyber asset management solution requires querying the information in a way that is comprehensive and makes sense for users with a variety of technical abilities. Beyond boasting powerful but sometimes cryptic query language capabilities, your solution should allow you to query using natural language questions. A natural language approach to querying your data bridges the gap between the way you think and speak and the data itself, enabling you to search and explore your cyber assets in a more conversational and user-friendly manner.
If it lacks a natural language interface, look elsewhere!
Is the solution graph-based?
Your cyber asset inventory is important. Knowing what you have is the basis for nearly everything you’ll do to protect those assets. Understanding the relationships between those assets, however, is crucial in limiting the damage from an attack or preventing a malicious actor from gaining unfettered access to your environment.
Consider a scenario like the log4j vulnerability, which allowed attackers to remotely execute code to take control of affected systems inside vulnerable organizations. If you’re in a situation where you’re affected by a similar vulnerability, you need to know how your cyber assets relate to each other so you can move from knowledge about the vulnerability to taking action and limiting your susceptibility.
Graph-based solutions have relationships built into their data models by design, making them ideally suited to find context and solve more challenging data-driven problems than other solutions.
Does the solution provide business context?
Looking at your assets in a vacuum and without understanding the relevant business context severely limits the effectiveness of a cyber asset management solution. You need to understand how the business functions and how each asset applies to your business operations.
What good is it to discover a problem with an asset if you don’t know anything about how it’s used. Who owns the asset? Is it considered a crown jewel or critical to the business’ daily workflows? Is it public-facing or secured for internal use? Without knowing this context, you can’t actually fix problems or assign responsibility for the work.
Does the solution integrate with business processes?
Strong asset management doesn’t just mean knowledge of the business, but also integration into its processes. When you’re trying to make progress in a program it’s very difficult to stand up new pipelines or processes; the best way is to integrate into the approved workflows that already exist.
Established enterprise organizations have many business processes already in place, including those governing governance, risk, and compliance (GRC), cybersecurity monitoring and response, physical security, business operations, and more. The more integrated your asset management solution is with those processes, the more effective and beneficial it will be.
Is the solution built with a program-first approach?
Ultimately, the tools you deploy serve broader programs that have a defined purpose. These can be security programs, IT programs, marketing programs, sales programs, and any number of other business-related programs you might run. Rather than being built program-first, many tools (and their developers) focus on features and capabilities, not the outcomes defined by your program’s needs.
Look for a cyber asset management solution that uses the measures of success for your actual program and not some arbitrary measure of success defined by the vendor.
Cyber asset management built for you
There’s a lot that goes into choosing a solution for any business program, and cyber asset management is no different. Your company will likely have its own rubric to apply to the vendor selection process. The five questions presented here are meant to supplement that process and give you the confidence that you’re making the right choice and setting yourself up to effectively and comprehensively understand and protect your enterprise’s cyber assets and infrastructure.
One of my most passionate topics for the last 10 years of my career has been asset management. I’ve always believed that knowing what you have is the first step in knowing how to defend, and that’s why I’m so happy to be associated with the JupiterOne team. I feel strongly that picking the right asset management vendor is one of the most important decisions you can make as a security practitioner.
Review the questions in this article and, when you are ready to start looking more closely at cyber asset management solutions, be sure to schedule a demo with JupiterOne as part of your selection process.