The Role of Cyber Asset Visibility in Confronting 2022’s Big Challenges

We’re just three months into 2022 and the cyber security landscape is shifting rapidly. The Russian invasion of Ukraine has not only tragically upended the lives of countless people in a sovereign nation, but it is also causing geopolitical shockwaves that will reverberate for the foreseeable future. The prospects of cyberwarfare escalations are all too real. At the same time, workplaces in the U.S. and around the world are starting to strategically reopen as COVID infection rates fall. And through it all technology evolution driven by connected digital devices is only accelerating. Given the chaotic times—and dangers posed by unmanaged and unprotected digital assets—it’s worth pausing for a moment to consider why the need for complete digital asset visibility has grown urgent.

The Unknowns of New Hybrid Work Models

More people than ever have joined the digital economy, and an Owl Labs survey found that 80% of people expect to work at least three days a week from home. A report by Upwork predicts that “by 2025, 36.2 million Americans will be working remotely, an 87% percent increase from pre-pandemic levels.”

A workforce partially returning to the office reintroduces challenges around phenomena like BYOD. And although most employees are now hopefully aware of the dangers of threats like email phishing, hackers still have abundant opportunities and can turn to machine learning and other resources for help creating convincing messages for stealing user logins and gaining access to private databases.

Workers may also encounter a new landscape of post-pandemic IoT devices; hands-free, voice-enabled conference rooms powered by systems like Amazon Alexa For Business, for example. Whether Enterprise of Things, IoT, or Internet of Medical Things (IoMT), legacy solutions can’t secure these devices. And for all the valuable experiences and benefits these devices provide, they are inherently vulnerable. Moreover, by the end of 2021, we expected up to 90% of all devices across an organization to be unmanaged. Cybercriminals and state-based attackers are well aware of the potential opportunities. They will attack the easy targets and then work their way deeper inside your perimeter.

Securing a New Industrial Era

It’s not just people who are more connected. Manufacturing environments are now full of connected digital assets. Rather than having a crew on-site to keep operations running, many manufacturers now rely on at least partial remote operations—even though operational technology (OT) and industrial control systems (ICS) were typically not designed to handle external cyber threats. Without effective cyber defense, OT and ICS systems are prone to cyberattacks that could result in financial loss or reputation damage.

Given the increasing connectedness of industry and utilities, even life safety and national security is at risk. It’s no coincidence that 2022 marked the introduction of a 100-day plan from the Biden administration that focuses exclusively on securing our critical infrastructures, which have become a main target of emboldened nation-state actors looking to cause chaos or escalate conflicts. The ongoing threat of hacks targeting electrical grids, transportation systems or water facilities represents a major vulnerability going forward.

At the core of this new industrial era is the convergence between IT and OT, paving the way for the Industrial Internet of Things (IIoT). Traditional OT and IoT devices were not designed with strong built-in safeguards, don’t produce logs, and cannot support the installation of security agents. In other words, they are unmanaged. If you remember URGENT/11, in which we discovered 11 day-zero vulnerabilities in VxWorks (which is “used by over 2 billion devices including critical industrial, medical and enterprise devices”), you might also remember that in December 2020, a staggering 97% of the OT devices impacted by URGENT/11 had not been patched.

We expect to see more focused ransomware and malware attacks, including more IT/OT convergence. Enhanced exploitation tactics and techniques will be used to target supply chains and then make their way down to the OT and edge devices, hitting multiple attack surfaces at once. Organizations must be able to identify, monitor and protect digital assets in the Industry 4.0 era. Establishing a full view of assets and potential vulnerabilities can help prevent ransomware and malware from spreading by automatically enforcing policies to isolate infected systems and enable network segmentation.

Protecting Patients, Their Data, and Hospital Operations

Smart medical devices and online patient records have helped to significantly improve patient care and administrative efficiency. At the same time, however, they are a prime target for hackers looking to access sensitive information or inject ransomware. Cybersecurity attacks that exploit delicate clinical workflows have had significant impacts on operations, revenue, and safety regardless of the size and location of a healthcare organization. The IoMT requires precise management of high-value assets and threat intelligence that spans multiple networks within the healthcare organization. Introducing new smart healthcare systems and legacy platforms for biomedical devices can be difficult, as many of these systems were not designed to connect or interact.

Choose Your Battles, Pick the Right Tools

All of the above challenges are further complicated by a severe shortage of cybersecurity professionals, requiring organizations to spend their time and resources wisely and efficiently.

Asset management and visibility platforms provide essential capabilities for efficiently gathering intelligence on and securing managed and unmanaged digital assets. They provide the most value when you combine the traditional IT architectural review and OT control review groups with a global view on risk management in both IT and OT. For example:

• Cybersecurity asset management
• Threat detection and response
• Vulnerability and risk management

Asset visibility can enable enterprises to make informed decisions, but to really protect against threats, you need to have the necessary business context to understand how to act on the intelligence. One way to do this is to collaborate with a partner that can guide you forward, but in this critical space it’s essential to ensure that your partner has a proven reputation and an established maturity in the market. Also, as with many cybersecurity processes, to make the most out of asset management and visibility platforms, the C-suite needs to not only be informed but involved in the process.