The Leap from Securing Static to Dynamic Assets Is a Management Challenge
- Maintaining high-level security across all assets is a resource drain in large enterprises. Security leaders need to analyze cyber exposure so they can segment risk based on asset criticality and vulnerability.
- The shortage of security talent in this new world of modern assets means that security pipelines will rely more on DevOps and cloud engineers with security skills acquired on the job.
“Network people who are used to running discovery scans on the system now have to move up the stack to applications and start learning APIs in AWS, Azure and other cloud infrastructures . It’s a struggle.”
As executive director of the office of the chief information security officer (CISO) for Optiv, one of the largest holistic pure-play cybersecurity solutions providers in North America, Mannie Romero has witnessed several content revolutions as companies struggled to figure out exactly which assets they needed to protect. “As an industry, we’ve historically not been that great at asset inventory and asset management,” he says. This was true even when most important assets were static and sat primarily in private datacenters.