Knowledge is a critical ﬁrst step to a well-oiled cyber hygiene machine. In order to achieve the necessary knowledge, asking the right questions is key:
- What devices/applications are operating on my network?
- Who are they communicating with?
- Who has access to critical assets on my network?
You cannot defend yourself against the exploitation of vulnerabilities you don’t know you have. And you cannot defend systems, applications and users that you are unaware of.
Organizations are waking up to the realization that cyber hygiene must become a core competency within their IT departments.
One report suggested that the typical organization has 1,100 unknown applications installed on company devices. Rogue software applications or out-of-date software versions represent easy access points for bad actors. Do you have the capability to discover all of the software applications and versions running on your machines? Is this built into your standard cyber hygiene operating procedure?
Digital transformation is sweeping through organizations that are hell-bent on connecting everything and anything that contains or generates data. This also includes creating a digital trading partner out of every vendor and supplier in their delivery chain. The business beneﬁts are undeniable, but the complications are immeasurable. Add to this the IoT and an organization’s attack surface becomes limitless.
Automated management of network assets becomes critical to pursuing a high level of cyber hygiene and is really the only way to avoid overburdening an already busy security and IT staff.