This post is the last in a three-part series. In part one and part two, we discussed how the past obstacles of device management and IoT devices impact the cybersecurity challenges of today and tomorrow.
In this third and final post, we look at the challenges of cloud asset management and their effect on the cybersecurity challenges happening now and in the future.
Predicting the future is impossible. No one knows what’s going to happen tomorrow, next week, or next month.
(Heck, half the time I don’t even know what’s happening an hour from now. 😂)
One way to get a handle on future cybersecurity challenges? Start with asset management. Not only what cybersecurity asset management means today, but how the past got us to where we are.
For years, Amazon had a common problem when it came to creating applications: building them faster.
To boost efficiencies and development, Amazon launched AWS in 2006. AWS transformed cloud computing, changing up how software is developed, deployed, and distributed today.
Even though CISOs and other leaders saw cost savings and other benefits with cloud computing, IT and security teams were reluctant to take a leap into the cloud. For IT and security teams, there were a bunch of challenges, like who owned the data and who’s responsible for securing it.
But factors like always-on, always-connected devices made it “a must” to migrate to the cloud. For C-suite leaders, the move to the cloud brought along cost savings, ease of deployment, and cost predictability.
While migrating to the cloud may be a must today, this shift has brought along some distinct cloud asset management challenges for cybersecurity, like:
The evolution of cloud adoption can help IT and cybersecurity teams know what to anticipate now and down the line.
Everything about computing is subject to change. Where the data lives. How security controls are applied. What tools are in use. All this and more is continually in flux.
In today’s world, asset inventory is ongoing — and certainly not a one-time event. For an accurate asset inventory of everything from cloud assets, to SaaS apps, to devices and so much more, the discovery process must be constant.
"Culture is the foundation for any high-performing team. We all process information differently, we listen differently. We come from different backgrounds and experiences. No matter who you are, I want to know that. I want to understand what makes you you and treat you the way you want to be treated, not how I project myself onto you.”
— Jen Easterly, director, Cybersecurity and Infrastructure Security Agency (CISA)
“[Create an environment] where people can understand when they can take time off and not feel like everything is going to fall apart. [Where] they have a plan for their career and how they’re going to grow. [Where] they have time to be with their friends and family enough not to be burned out."
— Deidre Diamond, founder and CEO of CyberSN and Security Diversity
“Actively invite engagement, listen with purpose, and look for signs of burnout. You can't expect everyone to feel equally comfortable expressing an opinion, and so it's important to solicit feedback at times as opposed to always passively expecting it. When you are getting engagement, listen with purpose. Make an effort to not only hear what's being said, but understand and empathize. Lastly, look for signs of burnout. … If you're noticing signs of burnout on the team, look for ways to intervene, like ensuring adequate team resourcing/load balancing to create a healthy work/life balance for everyone, and that team members are able to take PTO."
— Daniel Trauner, senior director of security, Axonius
“We need an environment where failure is not only tolerated, but an understood aspect of innovation. Our attackers are failing forward every single day, [and] we deserve the ability to do the same if we are going to protect our people, data, and organizations.”
— Chris Cochran, co-founder at Hacker Valley Media and creative director at Axonius
41 Madison Avenue, 37th Floor
New York, NY 10010
.png "Dan Trauner blog quote")
