Oct 19 2022

Strong Asset Management Is a Must for Successful Continuous Monitoring

To defend against cyberattacks, state and local governments should survey all IT systems, including those in the cloud.

Cybercrime is growing at a disturbing rate, with incidents of malware, ransomware and data breach attacks continuing to rise. Criminals took advantage of digital transformation and the move to remote work during the pandemic to launch attacks on all types of organizations, including state and local governments. In 2021, 66 percent of organizations were hit by a ransomware attack, up from 37 percent in 2020,” according to Sophos.

A comprehensive cybersecurity program can help reduce risk and strengthen a state or local government’s security posture. It is crucial to monitor IT systems and assets to detect potential cybersecurity events and make sure protective measures are effective. The goal is to manage the risk incurred by unmanaged devices, unauthorized devices, or poorly protected applications and systems, which leave the network and data vulnerable to attackers.

This type of monitoring is not a once-yearly effort; to be effective, it should be done continuously. Assessing and analyzing security controls and security risks frequently can defend the network against many common attacks, freeing up IT staff to address more dangerous and complex attacks.

CSAM Sidebar

Which Assets Actually Need Continuous Monitoring?

As they embark on continuous monitoring, a chief challenge for state governments is understanding the extent of their IT landscape. Gaining a comprehensive inventory can be difficult, given the pace at which new devices and hardware assets are acquired, installed, replaced and retired.

Software can be even more challenging because of cloud-based assets that are perhaps not fully known or understood by security teams, and because of the presence of shadow IT — applications in use without the knowledge of the IT or security team. Contract employees, remote workers and those who use personal devices for work-related purposes all require monitoring for cybersecurity risk.

How Asset Management Can Increase Visibility

The first step in implementing effective continuous monitoring is taking a thorough inventory of all IT assets. IT asset management (ITAM) entails cataloging, tracking and maintaining an organization’s technology assets. Asset management involves both software and hardware assets.

Software asset management should begin with a comprehensive inventory of software installed in the data center and in the cloud. The latter is especially important. Forty-nine percent of surveyed state governments reported most of their systems and solutions are now in the cloud; a total of 93 percent noted that some, most or all their systems are cloud-based. A thorough inventory of software assets can help state and local governments automate decision-making and risk reduction.

Hardware asset management identifies devices — including virtual machines, IP-addressable devices and removable media — that have access to the network, and it determines whether or not they are authorized.

Click the banner below to explore ways to improve your cybersecurity strategy.

The Role of Automation Is Asset Management

Neither type is feasible as a manual process; instead, automation is key. Asset management software can compile and continuously update hardware and software inventories, owners and assignments. This type of automated capability is a vital building block of successful continuous monitoring.

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has partnered with state and local governments to facilitate asset management, identifying “services and tools that allow the agency to track hardware and software assets throughout the enterprise, including the asset’s physical location and configuration.”

How State and Local Governments Can Boost Continuous Monitoring

Once assets have been identified, state governments can find additional assistance through StateRAMP, a nonprofit made up of service providers, third-party assessment organizations and government officials. The organization is tasked with promoting cybersecurity best practices to improve the cyber posture of public institutions and the citizens they serve, providing state and local governments a common method for cloud security verification.

Since few state governments have the resources to do continuous monitoring in a timely manner, StateRAMP can verify their cloud solutions to make sure they satisfy security requirements.

UP NEXT: Visibility and why it is vital for government IT network security.

In less than two years, the organization has been able to verify more than 30 products now on its authorized products list; about 60 more are in the process of being certified. Each of the authorized products’ vendors must continuously monitor their offerings to maintain authorized status. In addition to the services provided by StateRAMP, states may eventually find help from CISA; while its Continuous Diagnostics and Mitigation Program is only available to federal agencies, a bill introduced in March would allow state governments to take advantage of the same capabilities.

Resource-constrained state and local government IT and security teams benefit from automation in their quest for broad visibility of the security landscape. IT asset management solutions can detect, inventory and assess the state of both hardware and software assets. Armed with this information, the process of continuous monitoring comes into focus. Combined with the aid of organizations such as StateRAMP, state governments can feel confident that at least part of the burden of continuous monitoring has been taken off their shoulders.

Keep this page bookmarked to keep up with all of StateTech's Cybersecurity Awareness Month coverage, including featured articles on incident response plans.

Gorodenkoff/Getty Images

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT