MEASURING THE PROTECTION DOMAIN WITH AXONIUS
Along with more situational awareness and easier data collection, the ISOC team has greater visibility into vulnerabilities. Specifically, they’re identifying vulnerabilities more efficiently.
According to Daniel Clark Lee, his team would switch between four or five different tools to find out which devices had alerts or compromises. It took time and resources away from day-to-day tasks. The ISOC team can now quickly identify compromised devices and find the users that are associated with specific devices.
Axonius has quickly become one of Alvarado’s go-to tools for alert investigations. Alvarado recently used Axonius to look into the alerts around IP phones. He had visibility into whether anyone in any of the city’s departments were using the models in question.
“We didn’t have any of them on that occasion, but it’s good to have the peace of mind so we can answer questions like that,” Alvardo said.
The ISOC is also receiving insight into any non-compliant access to the network, enacting layer policy enforcement when the time comes. If an issue appears, the ISOC team can take different measures, like reminding a department to follow the city’s cybersecurity standards.
Axonius has helped Tim Lee with measuring and quantifying the City of Los Angeles’ protection domain — and the ISOC’s scope of responsibility.
“Now we can get into the endpoint level,” Tim Lee said. “For example, under our protection umbrella, we have 87,000 assets that are connected to our network. It’s easier for me to present or share this information with the business executives.”
“We can quantify the scope and then the potential impact,” he continued. “Not only is the information measurable, it’s actionable, too. Axonius enhances our capabilities on threat hunting, investigations, and situational awareness.”
For Tim Lee, Axonius has helped him with decision-making and forward-looking initiatives, like Zero Trust.
“When you have a clear picture on the scope and domain of what you're protecting, then your strategy and your program is very targeted and very accurate,” he said. “Otherwise, you’re in this blind mode. Your cybersecurity program is not effective and your budget is not defensible. And then you are wasting resources, too.”
“When you have good cybersecurity situational awareness, you can make an informed decision and make your cyber defense strategy more effective and efficient ” Tim Lee continued. “The information that we get from Axonius is one of the elements that support this process.”