Security Market Segment LS
Thursday, 13 October 2022 17:33

How an asset data analytics approach defines risk and exposure on cyber attacks Featured

By Vern Fernhout
Vern Fernhout Vern Fernhout

GUEST OPINION The breakneck adoption of new applications and services as businesses kept pace with the needs of increasingly hybrid workforces has opened up new risks.

Technology stacks have grown more complicated and hard to keep track of. Unsurprisingly, malicious actors have seized this opportunity to target organisations through any vulnerabilities present in these systems, with Australia experiencing a 15 per cent increase in ransomware-related cybercrime between July 2020 to June 2021, compared to the previous financial year. 

It’s never been more important for Australian businesses to embrace a proactive approach to cyberattacks. The threat of an attack through misalignment of assets relative to compensating controls is on the rise, and cyberattacks are increasingly aimed at an organisation's ‘coverage gaps’ to exploit a point of entry. 

Having a holistic overview of all the IT assets within an organisation is crucial to adopting a proactive outlook of a technology stack. In order to assess and reduce the risk of cyber attacks, organisations must have information about the assets they are looking to secure readily available, current, and continually refreshed. 

Time is in short supply during a cyberattack, so what can organisations do to enable a more rapid response time?

Understanding risk starts with knowing what an organisation wants to secure 

This is not just knowing of an asset, it’s having a full understanding of the asset. An organisation’s asset environment is dynamic and continuously changing. Security audits and compliance checks are often done quarterly or semi-annually and this is simply not adequate, as organisations need the ability to act based on current data. Knowing where Endpoint Detection and Response (EDR) agents were and weren’t deployed, or what cloud environments were and weren’t scanned a few months back is simply not good enough.  

Malicious actors only need one misaligned control to gain access to sensitive data. Organisations must accelerate their understanding and evaluation of their security controls relative to their specific environment. 

Why an asset data warehouse should be top of mind for every organisation

You can’t protect what you can’t see. The majority of Australian businesses currently do not have an aggregated view of all asset data to understand the intricacies of individual assets within their environment, the vulnerabilities associated with them, and the continuous monitoring of controls across these assets.

Concerningly, security and technology teams may still be relying on manual record systems that don’t provide true visibility into their various environments (IT, OT and IOT). The lack of this strategic capability significantly impacts an organisation’s ability to know its assets and understand the potential risks that assets are exposed to. 

The foundation of every security program should be an understanding of the assets that need to be secured. The better the assets are understood, the more likely they will be suitably secured. This sets the trajectory for all the subsequent efforts in implementing a security program.

Asset data warehouses enable organisations to understand the impact and risk of a cyberattack

Organisations need to know all the information they have about all the assets within their environment. This information must be readily available, current, and regularly refreshed. 

Time is everything during a cyberattack. An organisation is immediately on the back foot while trying to assess multiple data sets to gain an understanding of the impact and exposure of a cyber attack, they will need to find out which assets have been impacted. This can take anywhere from days to weeks.

An ‘asset data warehouse' of an organisation’s tech stack provides up-to-date information on every asset that is readily available. Having this central resource in place also helps to quickly answer questions like which assets might have possible exposure, associated vulnerabilities or coverage of compensating controls in the heat of a security incident.

A holistic overview of an organisation’s IT assets is crucial to shifting from a reactive approach to cyberattacks, and adopting a proactive, always-on outlook. Businesses need to move away from thinking reactively about cyber attacks and adopt a first principles approach that will enable them to mitigate risks more proactively.

About Vern Fernhout

Vern Fernhout, is the Country Manager for ANZ at Axonius

Axonius gives customers the confidence to control complexity by mitigating threats, navigating risk, automating response actions, and informing business-level strategy. With solutions for both cyber asset attack surface management (CAASM) and SaaS management, Axonius is deployed in minutes and integrates with hundreds of data sources to provide a comprehensive asset inventory, uncover gaps, and automatically validate and enforce policies. Cited as one of the fastest-growing cybersecurity startups, with accolades from CNBC, Forbes, and Fortune, Axonius covers millions of assets, including devices and cloud assets, user accounts, and SaaS applications, for customers around the world.

Read 1257 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


Hybrid cloud promises to bring together the best of both worlds enabling businesses to combine the scalability and cost-effectiveness of the cloud with the performance and control that you can get from your on-premise infrastructure.

Reducing WAN latency is one of the biggest issues with hybrid cloud performance. Taking advantage of compression and data deduplication can reduce your network latency.

Research firm, Markets and Markets, predicted that the hybrid cloud market size is expected to grow from US$38.27 billion in 2017 to US$97.64 billion by 2023.

Colocation facilities provide many of the benefits of having your servers in the cloud while still maintaining physical control of your systems.

Cloud adjacency provided by colocation facilities can enable you to leverage their low latency high bandwidth connections to the cloud as well as providing a solid connection back to your on-premises corporate network.

Download this white paper to find out what you need to know about enabling the hybrid cloud in your organisation.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News