Cybersecurity In-Depth: Getting answers to questions about IT security threats and best practices from trusted cybersecurity professionals and industry experts.

Why Is Cyber Assessment So Important in Security?

All the pen testing and tabletop exercises in the world won't help unless an organization has a complete and accurate understanding of its assets.

Erkang Zheng, Founder and CEO, JupiterOne

January 12, 2022

2 Min Read
a hand working on a checklist on a board.
Source: Worawut via Adobe Stock Photo

Question: Why is cyber asset management so important in security?

Erkang Zheng, founder and CEO, JupiterOne: In cybersecurity, we treat the symptoms more than the root causes of vulnerability. But in order to understand the root causes, we need to understand our cyber assets. An organization is constantly evolving and adding new cyber assets constantly. It needs the proper people and processes in place to be ready for an attack. We need to do security activities, such as penetration testing and tabletop exercises, but if we undertake those procedures based on an incorrect or incomplete understanding of our organization’s assets, then all those exercises become useless.

In most cases, we still catalog our assets through an incomplete approach based on outdated technology platforms and architectures that have been built out over the past couple of decades. As a result, we assemble an incomplete picture of all our assets and resources. This is because our traditional security stacks cover a small subset of our current digital operations, providing inaccurate visibility of our environment.

Even if we have good knowledge about all of our devices, users, servers, hardware, and IP addresses, that only makes up a small percentage of our current attack surfaces. New, novel attacks will find their way into the remaining portion of our systems that run data and applications on cloud workloads, hosted storage systems, mobile phones, IoT devices, virtual environments, and more.

Cyber asset context is key to securing an organization. We must establish a more comprehensive security foundation that understands the organization and the complex connections between its cyber components for all of these reasons. Then we can properly prepare for an incoming attack and recognize the nature of the problem. We can train our teams with the right processes and playbooks to fight back when that same threat happens again – and even block future attacks to make them improbable rather than inevitable eventually.

About the Author

Erkang Zheng

Erkang Zheng

Founder and CEO, JupiterOne

Erkang Zheng, founder and CEO of JupiterOne, is a leader in cybersecurity with two decades of experience in all domains from identity and access, penetration testing and incident response to data, application and cloud security. Zheng holds several patents and is passionate about combining innovation and execution to deliver practical solutions that address cybersecurity challenges at their root cause. He was previously the head of software security architecture and assurance practice for Fidelity Personal Investing that serviced over 12 million customer accounts. He also led a team of engineers building customer protection solutions as well as patent-pending security R&D. Before Fidelity, Zheng held global leadership roles at IBM Security and at a number of tech startups. https://www.linkedin.com/in/erkang/

See more from Erkang Zheng
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Latest Articles in The Edge
Read More The Edge