Three Steps To Lowering Cyber Insurance Costs
Security assessments, breach and attack simulation, and asset intelligence are key to showing security controls are in place for cyber insurance
Security assessments, breach and attack simulation, and asset intelligence are key to showing security controls are in place for cyber insurance
Some of the most significant risks aren’t zero-day attacks or sophisticated new supply-chain worms. They are trusted systems that have been in use for years.
When we learned about the Cisco IOS XE vulnerability, we immediately created queries to help customers proactively search for vulnerable devices running the OS in their environments.
Definitions of threat hunting all center on one extremely mistaken idea—it is a form of proactive cyber defense. That can’t be further from the truth.
When the CMDB is not accurate, managers can’t lock down systems securely, make change management decisions, or see how service levels are really performing.
To protect the entirety of your attack surface, the priority for security teams needs to be creating and maintaining a comprehensive inventory of every IT asset that touches the network.
Even the most comprehensive list of vulnerabilities can’t safeguard companies from exploits within the IT assets they’ve abandoned or forgotten about.
With no overarching responsibility for IT asset management, it’s important to connect with the various owners of the tools that deliver inventory – because this is a team effort.
We’ve discussed the challenges of getting to a comprehensive IT asset inventory. What we haven’t discussed is the impact this comprehensive asset inventory will have.
Today’s IT environments are extremely dynamic, so capturing the changes in overall inventory, as well as how specific attributes change within a specific asset, is important.