Asset management is a growing area in the Cyber Security industry. On Episode 12 of The Cyber Security Matters Podcast we were joined by Huxley Barbee, a CISSP and CISM. He is currently a Security Evangelist at runZero, which is the latest role in a glowing career in the cyber security industry. We spoke to Huxley about the advancements he’s seeing in the asset management sector, including his predictions for the future.
How do you see Asset Management evolution over the next few years?
There have been a number of technological trends that have caused a divergence of environments. For example, smart speakers like your Alexa are changing our home environments, because this tech used to be simple, non-connected devices. Now they’re connected to the internet, which exposes you to a higher risk. There’s also been a rise of ‘bring your own device’ culture, where people bring their own phones and tablets to the corporate network. There’s also the move to cloud associated with the DevOps revolution.
A lot of companies will see the cloud as a way of transforming their capabilities to both lower costs and increase speed and agility. Folks are empowered to just spin up new computing devices left and right, but the old devices are not actually decommissioned, so you have a sprawl of this attack surface out in the cloud as well. There are also more and more mergers and acquisitions happening, where a purchasing company has to take on the risks and vulnerabilities in the target company. All these different trends have led to this divergence of environments where companies are not just protecting their corporate IT assets, but also their OT, the factory, their IoT devices, your personal devices, the cloud and whatever else goes on in remote employees homes.
Because of a need to find talent, organisations have started looking at a wider geographic spectrum, and a rise in this ‘work from home’ culture became compounded by the pandemic. That is now also part of what cyber security needs to protect. Over the last 20 years, this evolution of assets has resulted in a decentralisation of control. Meanwhile, it’s the same security team that’s being expected to protect all that. There are numerous statistics out there about how the number of devices connected to the internet is going to continue to go up. Security teams will be more and more challenged, which is a fundamental problem. If you don’t have this foundational capability of knowing what you have, you are absolutely not protected. We’re going to have to see some change in order to address this growing challenge.
How can the industry address those issues?
There are a number of different approaches that have been tried over the last 20 years. There’s the use of agents and authenticated active scans, but they don’t solve the problem of unmanaged devices. If you can put software on a machine, then it probably needs managing. There are other vendors who try and pull data from multiple other sources to try and cobble together some sort of asset inventory. The trouble is, if they’re pulling from limited data sources, they’re not really solving the problem of unmanaged devices either. There’s also a passive network monitor, which theoretically can learn about more devices on the network, but its ability to identify those assets correctly is limited, because it’s only looking at network traffic to make that determination. There’s another approach, which is using an unauthenticated scanner with a security research-based approach for fingerprinting alongside API integrations. We found that this is the winning combination to help you get both breadth and depth of your assets, no matter where they are, no matter what type they are.
To learn more about asset management, tune into The Cyber Security Matters Podcast here.
We sit down regularly with some of the biggest names in our industry, we dedicate our podcast to the stories of leaders in the technologies industries that bring us closer together. Follow the link here to see some of our latest episodes and don’t forget to subscribe.