How Cyber Assets Are Like Star Trek's Tribbles Problem

By

Forget Stars Wars and May the Fourth. Star Trek is the best sci-fi show ever created.

Matrix-Star-Wars

When I was in middle school, my science teacher, Mr. B., introduced me to the original Star Trek series. And it had me shook. Ever since, the series has been my standard for real science fiction.

I vividly remember a Star Trek episode called "The Trouble with Tribbles"

Do you remember Tribbles? They are the cute, cuddly, and harmless looking alien species from Season 2 Episode 15. Although adorable, the Enterprise crew discover that tribbles are born pregnant and reproduce at a rapid rate. These cuddly tribbles threaten the entire ship, but fortunately Chief Engineer Montgomery Scott saves the day by transporting all of the furry creatures to a departing Klingon ship.

Why Cyber Assets are like Star Trek's Multiplying Tribbles Problem

These tribbles remind me of cyber assets at most companies:

  • You want them to be small, agile and cute. You see a few AWS accounts here, a GitHub repo, and a few users, but before you realize it your cyber assets are reproducing like crazy and it's destroying everything. You're putting your entire crew in danger!
  • Cyber assets, like tribbles, also consume everything. They eat up a great amount of your resources. Everything from time, space, manpower, productivity, and more is destroyed. The list of operational and maintenance requirements keep expanding, distracting your teams from doing value-add work. 

In other words, you need Chief Engineer Montgomery Scott to come save the day.

58ceso

Why Visibility Into Your Tribbles Problem Isn't Enough

In the age of cloud, cyber assets are increasingly more complex. Instead, we should redefine all assets as:

  • Anything you can draw a box around, specifically any asset that can be software defined. Everything from identities to cloud configurations and repositories fall under this category.
  • More than just IP-based devices. Limiting assets to those things that are addressable by IP or MAC address severely limits the depth of understanding that can be built with interconnected relationships.
  • Software defined and ephemeral. Cyber assets in a modern world don't last long. Actually, if designed properly, you want them to come and go as scale dictates. Managing ephemeral assets with traditional asset management software is a recipe for disaster.
  • Highly complex relationships that connect people, process, and technology. The most important part about cyber assets isn't the asset itself, but it's the asset's relationship to every other asset in the collection. This is where the value really resides. It's time to move on from static lists of asset inventory. Let's start understanding the web of relationships and context of your dynamically changing software-defined cyber assets.

Just like the cuddly tribbles from Star Trek, cyber assets on their own are incapable of directly causing harm. Nonetheless, left unchecked, they could rapidly multiply and devastate entire ecosystems on a planetary (or organizational) scale.

9abec8cd3305126d3dc92aa7bb807ef3

It's no longer enough to just know where all your assets are. Businesses must now reinvent how they track, monitor, and govern a new "cyber asset" collection in order to step up their game to survive in a world overflowing with Tribbles. 

In conclusion: Star Trek fans are the best. Live long and prosper.

 

Note from JupiterOne CMO, Tyler Shields: Star Wars is way cooler than Star Trek. The author of this blog does not represent the entire employee base of JupiterOne and may end up being teleported off of the Enterprise very soon! May the force be with you!

 

Get ahead of your tribbles (aka cyber asset monster) problem today. 

Download the Modern  'Visibility' for Cybersecurity and IT Asset Management Whitepaper.

ITAM banner-01

 

Jennie Duong
Jennie Duong

Director of Product Marketing at JupiterOne. Eternal cynic and privacy advocate. Prior to JupiterOne, Jennie spent the past three years living, traveling, and working abroad across 25+ countries. She consulted and advised for several B2B cybersecurity and cloud startups.

To hear more from Jennie, get our newsletter. No spam, just the good stuff once or twice a month. Sign up below.

Keep Reading

Identify compromised versions of Github using JupiterOne
January 31, 2023
Blog
Identify compromised versions of GitHub apps using JupiterOne

As a preventative measure, Github will be deprecating the Mac and Windows signing certificates used to sign Desktop app versions 3.0.2-3.1.2 and Atom versions 1.63.0-

The top 11 questions that every CISO should be able to answer
January 30, 2023
Blog
The top 11 questions that every CISO should be able to answer

In part one of this two-part series, we polled some of our top security experts to see what it takes to succeed secure and manage resources effectively.

Best of Cyber Therapy, Season 1
January 25, 2023
Blog
Best of Cyber Therapy, Season 1

Take a look at the top 5 episodes from Season 1 of Cyber Therapy, a video podcast featuring the humans of cybersecurity!

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.