A deep dive into cyber assets

Learn how cyber asset analysis is the catalyst for a modern cybersecurity program
The modern enterprise’s digital infrastructure is like a vast, sprawling metropolis.
Each digital “city” has assets like computers, servers, databases, cloud storage, software applications, data at rest and in motion - just like a real city’s buildings, roads, people, vehicles, and more.
Your digital landscape is constantly evolving.
Just like a city’s ongoing building renovations, zoning changes and traffic detours, nothing stays the same. Now, imagine trying to keep this city running smoothly, its citizens safe, and its infrastructure up to code. What if you didn’t have a reliable record of building permits? Or know whose car is permitted to park where?
To safeguard the organization, cybersecurity teams must understand this ever-changing environment.
Cybersecurity teams ask similar questions as they fulfill their mission to protect their organization from cyberattacks.

Asset visibility is essential

  • The migration to the cloud, shadow IT, M&A activity, and incomplete CMDBs pose significant challenges for security and IT teams.
  • Tracking cyber assets has become difficult, creating a dangerous cybersecurity risk.
  • The lack of awareness about existing assets can lead to hidden security gaps and increased breach risks.
Asset device information lives in siloed tools like EDR, XDR, SOAR, and VM, making it difficult to determine whether your endpoint agent is deployed everywhere and whether all your assets are covered.
Before we get to the technology involved, let’s align on an important point: What is a cyber asset?
A closer look

Cyber assets: More than meets the eye

In a nutshell, a cyber asset is any physical or software-defined entity an organization uses to conduct its business.

Perception vs Reality

How  people perceive cyber assets

Many organizations still look at cyber assets as just devices and users; things like laptops, workstations, servers, and the people to whom those devices belong to.

This view is particularly outdated for security teams as they design what needs to be protected in today’s post-digital transformation landscape.

Cyber asset categorization

Cyber assets can be categorized in many ways; the Cyber Defense Matrix provides a useful approach, defining cyber assets in the following categories:

Devices

Physical as well as software-defined, like laptops, phones, workstations, servers, hosts, and storage devices

Applications

The software that runs on top of devices, separate from operating systems and firmware, like business or web apps, serverless functions, micro servers, and APIs

Networks

Including protocols and channels that enable communication between applications and devices, like TCP/IP, DNS, VPCs, VPNs, or email and web gateways

Data

Information stored, transported, or used by devices, applications, and on the network, including databases, code repositories, and S3 buckets

Users

Identities that utilize the other asset classes, like employees, contractors, outside vendors, or service accounts

Context vs. asset lists

Equally vital to understanding asset categories is understanding how assets are interconnected. Organizations use assets together as part of systems to achieve business goals. In the mission to secure them, teams have to view them as an interconnected whole. It is important to know, at a glance:

  • Who owns the asset?
  • What else is the asset connected to?
  • Where do I go for remediation?
  • Is the asset vulnerable?
It’s gotten much harder to understand the scope, status and context of all cyber assets.

Making your asset (data) work for you

Thanks to the democratization of IT and adoption of new technologies, business applications and infrastructure can spring to life or be abandoned as needed – much like urban expansion, renewal, and decay.

Trying to collect and make sense of all this rapidly changing asset data is practically impossible.

The good news here is that all this asset data already exists. Data about the assets themselves, their relationships with all the other assets, findings, and configurations – it’s all available. Security teams just need help pulling together and organizing it all in order to operationalize it.

A cyber asset analysis platform centrally collects, connects, and analyzes this data and becomes the system of record for all security questions about cyber assets.

Remember those questions before?   These platforms help you answer the essential questions of what assets you have, what's critical, who owns it and if it poses a risk to you, all in one place.

How is cyber asset analysis different?

Amidst a sea of point solutions working in a silo, cyber asset analysis platforms help security teams see the bigger picture.

The bigger picture

These platforms can spot patterns, detect anomalies, and measure compliance drift. They can see the smoke before the fire, allowing them to take proactive measures to mitigate cyber threats.

In short, cyber asset analysis provides the enterprise's eye in the sky, offering a panoramic view of the cyber threat landscape.

Cyber asset analysis takes you from “This server is vulnerable” to “This server, owned by Brad, is vulnerable, connected to a database with critical business data and has a path to the internet through an improperly configured firewall.”

The first requires investigation to determine what to do next. The second has clear action and direction. (Ah, that Brad, always causing trouble.)

This server is vulnerable

This server

owned by Brad

is vulnerable

connected to a database with critical business data

has a path to the internet through an improperly configured firewall

Unified cyber insights

The ‘holy grail’ of cybersecurity

What is the end goal of cyber asset analysis? It’s something we call unified cyber insights.

Modern security teams understand that the key to the strongest cybersecurity program is to first understand all of their assets, but lists of assets without context are meaningless.

Only with a robust cyber asset analysis platform can you bring unified cyber insights to your security program. Unified cyber insights come from the knowledge gained by cyber asset analysis and used to inform decisions about your environment, know where to place defensive measures, and guide future development.

These insights help security teams to identify hidden risks, prioritize remediation actions, and optimize the deployment of response actions and security tools.

Our vision

A strong foundation for a more secure future

Once you know what assets you have, and their context to the rest of the organization, your whole security program is strengthened - from vulnerability management to compliance management and more.

At JupiterOne, we feel uniquely qualified to share our vision of what a modern cyber asset analysis platform should look like. Why? Because our founder and CEO built JupiterOne from his struggles as a former CISO to answer those five fundamental questions that asset analysis platforms are built to answer.

Unified cyber insights involves leveraging the data and aggregating it, connecting the dots to provide contextual insights and an understanding of our environment.”
Erkang Zheng
CEO and Founder, JupiterOne

Trying to build a solution in-house for this universal cybersecurity problem took up too many resources. With so much at stake, there had to be a better way for security teams to know what they have and where to go, quickly, to remediate priority issues and prevent a breach.

This vision culminated into the launch of JupiterOne, backed by years of development work with some of the brightest engineers in the business.

Contextual understanding

Charting the course towards unassailable cybersecurity

We believe a detailed understanding of your assets and a comprehensive view of your cyber threat landscape leads to unified cyber insights, empowering enterprises to build robust cybersecurity defenses.

With this approach, it becomes a simple matter to find what you have by asking natural language questions of your cyber asset analysis platform, determine if any vulnerabilities or issues exist, assess the level of risk they present, and assign ownership to remediate the problem quickly.