During Week One of National Cyber Awareness Month (NCSAM), our focus is on knowing your assets.
Often-times when speaking with businesses, you ask if they know what their assets are and you get one of two common reactions: those whose eyebrows shoot up and admit they have no clue; or those who understand what their assets are and have a ‘gut feel’ as to what the important ones are.
I tried this myself at home by guessing how many internet-connected devices I had and how much physical storage I had.
My guess was that I had in the region of 12 internet-connected devices and about 10TB of storage capacity.
In reality, after scouring through my items, I discovered I had 32 internet connected devices with a total capacity of just under 17TB of data!
Bear in mind, these are just my own devices in my own home.
It becomes much harder for larger organizations to work out what all of their assets are and where all of their data is.
Before embarking on a security plan, it’s important for businesses to understand their assets and identify the most valuable ones that are worth protecting, while also bearing in mind that priorities change over time. Just as a young, single person may say their beloved sports car is their most valuable asset, once married, their partner may become their most valued asset. Maybe having children will change their priorities – until the kids get older and move out, never to return. At this point, the garden might become the most valued asset, a place to spend hours pruning plants and wondering why no-one mentioned the joys of gardening 30 years ago. It certainly would have saved you from the trouble of marriage, kids, or cars.
The point is that at any time, it’s important to understand what’s most valuable to the business and then deploy security controls to protect and monitor it. That will ensure that your time and effort is spent protecting your most important assets, and—in the event a breach does occur—that the company can detect and respond to it quickly. This is a better approach than waiting to read about it many months later in the news.
ABOUT LEVELBLUE
LevelBlue is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.
