Security Strategy

How Las Vegas’s chief innovation officer balances monitoring his networks’ many devices

A blur of attack-surface tools can help with the critical task of finding all your assets.
article cover

Public domain

· 4 min read

It’s not Cirque du Soleil, but Michael Sherwood, chief innovation officer for the City of Las Vegas, has a lot of plates spinning in the air, so to speak.

As someone who needs to both support operational IT and introduce new technologies, Sherwood has the balancing act of monitoring his networks’ many devices—from standard desktop workstations and printers to the city’s air-quality sensors and network-connected traffic cameras.

“I have thousands of endpoints, and to be able to manage them, maintain them, inventory them, is one piece of the puzzle,” Sherwood told IT Brew.

To start seeing the inventory picture, Sherwood and the city turned to an asset-intelligence platform Armis, which, in simple terms, looks for the gadgets on a network—from laptops to smart TVs. Armis found some surprise assets pinging on the Vegas setup: private cellular radios using outdated firmware.

“We didn’t even know the device was on the network that it was scanning,” said Sherwood.

Such inventory exercises—increasingly supported by a blur of asset-intelligence platforms—are important safeguards, and are now even mandated for federal agencies. A recent announcement from CISA ordering asset discovery for federal agencies is an acknowledgement of a critical security practice that security pros have been pushing for.

“Security has been saying this forever—that we have to audit, we have to know what’s out there so we can protect it. And we have to automate ways to find it,” Erik Nost, senior analyst at Forrester, told IT Brew.

In the binding operational directive, CISA mandated that all federal civilian executive branch agencies must perform automated asset discovery every 7 days.

You’re an asset. CISA provides some “asset” examples: managed endpoints, like workstations and laptops, and managed network devices, which include routers and firewalls.

Top insights for IT pros

From cybersecurity and big data to software development and gaming, IT Brew delivers the latest news and analysis of trends shaping the IT industry, like only The Brew can.

“When they say ‘assets’ in this context, it’s laptops, it’s servers, it’s network switches, anything with an IP that’s communicating,” Ron Fabela, co-founder and CTO at the industrial asset and network monitoring provider SynSaber, told IT Brew.

While tools like the free and open-source Nmap utility provide basic network-discovery scans, a number of emerging technologies exist for functions beyond automated asset inventory:

  • External attack surface management (EASM) technologies—from companies like CyCognito and Randori—discover internet-facing enterprise assets, along with exploitable vulnerabilities like cloud misconfigurations and insecure third-party partner software code. “What does my organization look like from an attacker’s point of view, and how should it find and prioritize the issues attackers will see first?” read a March 2022 Gartner report defining the ASM pillar.
  • Cyber asset attack surface management (CAASM), according to a Gartner definition, enables organizations “to see all assets (internal and external) through API integrations with existing tools, query against the consolidated data, identify the scope of vulnerabilities and gaps in security controls, and remediate issues.” Vendors in the space include JupiterOne, Axonius, and Noetic.
  • Attack path modeling tools map the routes through an organization that could lead to compromise.

Asset discovery, attack surface management, attack path modeling, even vulnerability management, are all starting to share the inventory effort and have overlapping features, according to Nost. Armis, for example, combines features of CAASM, vuln assessment, and asset intelligence.

“There’s so much convergence in these areas right now,” said Nost.—BH

Do you work in IT or have information about your IT department you want to share? Email [email protected] or DM @BillyHurls on Twitter.

Top insights for IT pros

From cybersecurity and big data to software development and gaming, IT Brew delivers the latest news and analysis of trends shaping the IT industry, like only The Brew can.