Redefining ITALM to Reduce Cyber Security Risks

As the number of connected enterprise devices and applications grow, so does the enterprise attack surface, and cyber criminals are becoming ever more creative with their methods. In a recent Deloitte poll, 34.5% of executives said their organizations’ accounting systems and financial data had been targeted by cyber criminals over the last 12 months and nearly 50% expect attacks to increase over the next year.

Unpatched software, end of life (EoL) servers, and outdated operating systems create lucrative opportunities for cyber criminals, as do mergers and acquisitions (M&A). The attack surface is increased as more devices and applications are introduced into the IT estate and highly public deals can put companies on the radar of cyber attackers.

Lack of visibility creates risk

Without a clear view of the hardware and software being accessed and used, cybersecurity breaches can go undetected for months. When a vendor failed to report that their credentials were stolen, attackers were able to access the Home Depot POS system, which recorded customer credit card details, leading to 56 million cards being compromised. Target also experienced a data breach when cyber criminals gained access through a third-party HVAC system, costing it $18.5 million and raising concerns about securing smart offices.

Cyber security risks don’t always originate online, however, and the loss of data-bearing equipment can also place an enterprise at risk for fines and potential lawsuits. That’s the position Morgan Stanley found itself in when, during data center decommissioning, unencrypted equipment containing customer data, found its way into the hands of unauthorized third parties. The company incurred costs that included $60 million to settle a lawsuit brought about by customers and a $35 million fine from the SEC.

Highly regulated industries, including healthcare and finance are seeing both risks and penalties growing. But the explosion in remote/hybrid workforces over the last few years that has fueled the deployment of more connected devices, increased SaaS adoption, and shadow IT is making proper IT asset management (ITAM) almost impossible. A ‘State of SaaS sprawl’ report revealed that the average company has 254 applications, with 56% of all apps being used as a result of Shadow IT.

Implement security best practices to keep data secure

To avoid non-compliance, fines, and loss of reputation, IT should take steps to limit risks:

• Educate users on regulatory requirements and company procedures as well as the latest phishing and other cybercrime techniques.
• Reduce the attack surface by rationalizing applications, consolidating the estate quickly following M&A activity, and prioritizing system migration, patching, and updates based on current risk levels, usage levels, and end-of-support.
• Consider deploying a virtual desktop infrastructure to reduce the risk of company data being compromised when devices are lost or stolen.
• Monitor cloud security and shadow IT using discovery and cloud management tools.
• Ring fence systems containing critical data, such as financial, or customer information, to ensure that it cannot be accessed through third-party systems in the estate.
• Ensure tasks are properly executed and certified by third parties, including ITAD

With only around a third of IT tasks automated, discovering, tracking, updating, and patching a growing list of assets will become increasingly challenging if managed manually.

How to leverage automation to reduce cyber security

By automating ITAM activities you can streamline cybersecurity threat assessment and the methods you use to limit risks. You can do this using a digital platform conductor (DPC), a tool recognized in 4 Gartner hype cycles.

A DPC provides clear visibility of your estate by connecting to your CMDB, global policy systems, configuration platforms, identity management systems, ITSM tools, security monitoring and alert systems, and other data sources. It collects, aggregates, and analyzes the data they contain in real-time to give you a holistic view of all assets and interdependencies, including where assets are, who uses them, OS/patch status, and more. It then uses that data to orchestrate your tools and automate cybersecurity risk management and remediation workflows.

Using a DPC you can:

• Merge data from all sources to gain a real-time view of hardware, where it is located, who is using it, associated applications, OS and software versions, configuration settings, and how data is managed.
• Quickly identify vulnerable devices that require a security patch. Identify which patches need to take priority and receive immediate attention.
• Identify EOL systems and automate the migration and decommissioning workflows.
• Confidently respond to security and compliance audits with highly accurate, validated, asset data.
• Automate workflows to communicate and enforce security policies.
• Identify missing devices or ones that need to be returned and automate workflows to address these devices.
• Orchestrate workflows to ensure proper handling of devices that are being decommissioned and/or disposed of.
• Leverage customizable templates to automate end-user communications to manage tasks such as educating end users or scheduling OS updates.
• Augment cybersecurity monitoring and alert tools, by accessing and using the data they provide to automate workflows to rapidly address any risks they discover.

Book a demo with ReadyWorks to understand how to reduce cybersecurity risks in your enterprise, using a digital platform conductor.