Cybersecurity Risk Management - Physical DevicesAug 15, 2022
The risk management process entails four fundamental concepts, which can be further broken down; however, the fundamental concepts are:
- Frame risk
- Assess risk
- Respond to risk once determined
- Monitor risk on an ongoing basis
However, before getting here, other fundamental steps must be in place, and one that I have discussed here in the past has been asset management. Today I want to give you a bit more detail on this process.
First, inventory every physical device and system you have and keep an inventory of them; this is one of the most important and yet least practiced cybersecurity tasks conducted worldwide. Small and mid-sized businesses can start with a simple Excel or Google spreadsheet, while larger organizations can leverage a configuration management database (CMDB).
The approach can be as simple as brainstorming with your team a list of system types, such as:
- End-user devices: laptops and phones
- Servers: virtuals and physical servers
- Cloud platforms: SaaS, PaaS, and IaaS
You should tie the software inventory into the hardware asset inventory where possible. Make sure to include critical information, such as:
- Network address
- Hardware address
- Machine name
- Data asset owner
Along with the traditional IT devices, consider as part of your team brainstorming devices such as VoIP phones, printers, HVAC systems, and any IoT devices connected to the network that could become an attack vector.
Detection of new authorized and unauthorized devices is critical for the program; therefore, some automation is necessary, which will vary depending on the size of your organization. It can be as simple as monitoring the DHCP server for IP assigning or systems that can scan the network and monitor it on a 24/7 basis or at periodic intervals determined by your organization.
*** FREE GUIDE ***
Author: Dr. Bill Souza | Aug 15, 2022