Embed Size (px)
Citation preview
Cybersecurity: Why Asset Management Matters
Hosted byLenny Zeltser - CISO, Axonius Tom Field - Senior Vice President - Editorial, ISMG
Agenda6:00pm - Registration, Networking 6:30pm - Introductions and Opening Remarks 6:45pm - Roundtable Discussion 8:30pm - Program Concludess
Executive Roundtable Series Sponsored by Axonius
IntroductionThe line between IT and security is blurring. What was once a simple delineation between keeping information safe and providing the tools necessary to get work done is no longer clear. In this new enterprise, why does asset management – once a pure IT play – matter for cybersecurity? How can both the IT and security teams benefit from asset management?
This exclusive executive roundtable on Cybersecurity: Why Asset Management Matters will provide answers to these and other critical questions.
Guided by insights from Lenny Zeltser, CISO with event sponsor Axonius, this invitation-only dinner will also draw upon the experiences of the attendees, who will share their views on how they have come to better understand and respond to the convergence of IT and security when it comes to asset management. Among the discussion topics:
• Why do so many security frameworks consider asset management to be foundational?
• What’s the difference between asset management for IT and for security?
• Why haven’t asset management challenges been adequately addressed?
You’ll have the opportunity to discuss the topics with a handful of senior executives in an informal, closed-door setting, from which you will emerge with new strategies and solutions you can immediately put to work.
Cybersecurity: Why Asset Management Matters2
Discussion PointsAmong the questions to be presented for open discourse:
• What is your level of satisfaction today with your visibility into devices, applications and users on your networks?
• What do you believe are your biggest blind spots?
• How does your organization currently approach cybersecurity asset management – formally or informally?
• What manual or automated tools do you currently use for asset management?
• How does your organization operationalize the information you receive?
• What are your biggest obstacles – technical and non-technical – to improving cybersecurity asset management?
• What investments will you make this year to improve how your organization approaches asset management?
Cybersecurity: Why Asset Management Matters 3
About the ExpertJoining our discussion today to share the latest insights and case studies:
Lenny ZeltserCISO, Axonius
Lenny Zeltser is Chief Information Security Officer and was previously VP of Product at Axonius. Prior to Axonius, Zeltser led security product management at Minerva Labs and NCR. Before that, he spearheaded the U.S. security consulting practice at a leading cloud services provider acquired by CenturyLink. Zeltser also helps shape global cybersecurity practices by teaching at SANS Institute and by sharing knowledge through writing, public speaking, and community projects. He has earned the prestigious GIAC Security Expert designation and developed the Linux malware analysis toolkit REMnux. Lenny is also on the Board of Directors of SANS Technology Institute.
About Axonius
Axonius offers a cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers security solution coverage gaps and automatically validates and enforces security policies. By seamlessly integrating with nearly 200 security and management solutions, the Axonius platform can be deployed in minutes, improving cyber hygiene immediately. Covering over 10 million devices at customers like the New York Times, Schneider Electric, ThermoFisher, Landmark Health, AppsFlyer and many more, Axonius was named the Most Innovative Startup of 2019 at the prestigious RSAC Innovation Sandbox. For more visit Axonius.com.
Cybersecurity: Why Asset Management Matters4
About the ModeratorLeading our discussion today is:
Tom FieldSenior Vice President - Editorial, ISMG
Field is an award-winning journalist with over 30 years of experience in newspapers, magazines, books, events and electronic media. A veteran community journalist with extensive business/technology and international reporting experience, Field joined ISMG in 2007 and currently oversees the editorial operations for all of ISMG’s global media properties. An accomplished public speaker, Field has developed and moderated scores of podcasts, webcasts, roundtables and conferences and has appeared at the RSA conference and on various C-SPAN, The History Channel and Travel Channel television programs.
About ISMG
Information Security Media Group (ISMG) is the world’s largest media organization devoted solely to information security and risk management. Each of our 28 media properties provides education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from the North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Our annual global summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.
Cybersecurity: Why Asset Management Matters 5
Cybersecurity Asset Management DefinedTOM FIELD: How do you define asset management for cybersecurity?
LENNY ZELTSER: In the context of cybersecurity, asset management is the practice of overseeing security aspects of IT resources, such as servers, laptops, devices, virtual machines, business applications and users. This involves:
• Obtaining and continually updating an accurate inventory of all IT resources;
• Discovering security gaps related to the asset’s presence or configuration;
• Enforcing security requirements to rapidly address the identified gaps.
Implementing this process in a reliable, timely and efficient manner has been one of our industry’s major challenges.
Why It MattersFIELD: Make the case: Why does asset management matter to security leaders?
ZELTSER: How can we secure an IT resource if we don’t know that it exists or if we don’t have visibility into its state? To quote respected
In advance of this event, ISMG’s Tom Field spoke about cybersecurity asset management with Lenny Zeltser of Axonius. Here are excerpts of that conversation.
Cybersecurity: Why Asset Management Matters
Q&A WITH THE EXPERT
Lenny ZeltserCISO, Axonius
Cybersecurity: Why Asset Management Matters6
industry practitioner Adrian Sanabria: “Most security and IT problems begin with visibility.”
He points out: “It’s not enough to know that active devices exist on the corporate network. The devices must be identified, categorized and assigned to owners, if possible. Only after all these things have occurred can security decisions be safely made regarding them and security policy applied to them.”
So it’s not surprising that CIS Critical Controls lists inventory and control of hardware and software assets as its initial security measures. Along these lines, asset management is the first category in the NIST Cybersecurity Framework. For yet another example, consider guidance by the Security and Exchange Commission, which advises organizations to inventory hardware and software to know where assets are located and how they are protected.
Why It’s OverlookedFIELD: Why is asset management overlooked – or at least minimized – as a cybersecurity priority?
ZELTSER: “Basics are hard,” as Adrian Sanabria put it.
Even outside cybersecurity, we know that essential hygiene steps, such as washing hands, can prevent diseases. Yet, many people (including healthcare professionals) don’t regularly wash their hands. And look at our habits related to eating and exercise: Though we know what we’re supposed to do, many of us don’t do it.
In cybersecurity, we’re often attracted to exciting-sounding disciplines, such as threat hunting or red-teaming. We’re drawn to sexy technologies, such as machine learning for malware or anomaly detection. We struggle taking a step back to build a foundation for the security program, even if we know it’ll enable cool efforts, such as spotting intrusions and fighting malware.
Another reason why asset management has been – until recently – a challenge is the lack of effective tooling. Keeping track of IT assets is
“Asset management is the practice of overseeing security aspects of IT resources, such as servers, laptops, devices, virtual machines, business applications and users.” Lenny Zeltser, Axonius
Cybersecurity: Why Asset Management Matters 7
often a manual, error-prone process that consumes much time and yields few benefits. For asset management to deliver its full potential, it needs to be automated and easy to implement.
The Risks and ThreatsFIELD: For those who overlook the importance of asset management, what threats are they inviting?
ZELTSER: Poor asset management practices dramatically increase the chances that threat actors will be able to achieve their objectives, be they to steal sensitive data, disrupt business operations or otherwise put the organization at risk.
After all, an attacker’s entry point is often the server that nobody knew existed, the laptop that lacked anti-virus software, the application that was missing a patch, the port that was left open or the user account that wasn’t locked down. Asset management is essential to being able to address such risks efficiently and consistently.
Business BenefitsFIELD: For those who have taken action, how have they improved their risk posture?
ZELTSER: Asset management allows security leaders to succeed at other initiatives, from rolling out a new anti-virus agent to improving oversight of cloud resources. It bolsters the security organization’s efficiency, allows it to track and demonstrate progress and enables preventing a variety of issues before they escalate into major incidents.
Those who’ve implemented asset management in a way that keeps up with today’s dynamic environments derive another benefit. Such organizations discover that every group related to IT and cybersecurity comes to the asset management system for answers to questions about vulnerabilities, threats, incidents, compliance, troubleshooting and more. The once unsexy asset management system becomes the crux of critical decisions and investigations.
“Asset management allows security leaders to succeed at other initiatives, from rolling out a new anti-virus agent to improving oversight of cloud resources.” Lenny Zeltser, Axonius
Cybersecurity: Why Asset Management Matters8
Strategies for Cybersecurity Asset ManagementFIELD: Talk about the different ways security leaders might approach asset management, such as endpoint security, cloud security and vulnerability management.
ZELTSER: Today’s enterprises have many IT and security systems that know about some portion of the organization’s assets. These include:
• Identity and systems management tools;
• Endpoint security management software;
• Vulnerability scanning tools;
• Passive and active network monitoring solutions;
• Cloud orchestration technologies.
The challenge from the perspective of asset management is that these systems typically exist as data silos, requiring cumbersome efforts to get a unified and actionable view on asset details across multiple systems.
Security leaders can advance their asset management program by extracting useful configuration and other state data out of these systems. The next step is to clean the data to find useful information across the multiple data sources. As you can imagine, achieving this involves a lot of automation and know-how. This is where Axonius – the company where I lead the cybersecurity program – comes in.
How Axonius HelpsFIELD: How is Axonius helping security leaders get a better handle on asset management?
ZELTSER: Axonius integrates with customers’ existing security and management tools to get asset details from numerous data sources. This allows enterprises to obtain a complete inventory of all assets – whether managed or unmanaged, in the cloud or on premise. The approach involves no agents, so our customers can deploy the solution within hours.
Cybersecurity: Why Asset Management Matters 9
Axonius de-duplicates and correlates the data to automatically provide an authoritative and accurate inventory. By looking at their assets from several perspectives, our customers can ask meaningful questions, such as:
• Which systems are missing an endpoint agent or where is the agent misconfigured?
• Which cloud or other resources aren’t being scanned for vulnerabilities?
• Which unmanaged devices are present on the network?
• Which users with access to critical systems don’t have two-factor authentication enabled?
After asking and answering questions like these, customers can direct Axonius to take action, such as open a ticket, email an analyst, quarantine the system, deploy an agent and so on. You can see a short demo video on our website. n
“Axonius de-duplicates and correlates the data to automatically provide an authoritative and accurate inventory.” Lenny Zeltser, Axonius
Cybersecurity: Why Asset Management Matters10
Notes
Cybersecurity: Why Asset Management Matters11
Notes
Cybersecurity: Why Asset Management Matters 12
902 Carnegie Center • Princeton, NJ • 08540 • www.ismg.io
About ISMG
Information Security Media Group (ISMG) is the world’s largest media organization devoted solely to information security and risk management. Each of our 28 media properties provides education, research and news that is specifically
tailored to key vertical sectors including banking, healthcare and the public sector; geographies from North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Our annual global Summit
series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.
Contact
(800) 944-0401 • [email protected]
CyberEd
