Know-the-system (No Chasing Shadows)

David Mantock
Security Management

It was Benjamin Franklin who said, “Fail to prepare, prepare to fail”, and with that in mind I set the tone for this month’s security blog. In the field of cyber security, we know that we have very capable and determined adversaries. For us to keep pace and implement effective countermeasures, there are certain things we must do. If not, these adversaries will overwhelm us and have us chasing shadows¹. Want to avoid this? Then please read on.

In my first ever blog article I wrote about having a cyber security philosophy. As a recap, here are the guiding principles:

  1. Know-the-system (people, processes, technology)
  2. Least privilege (people-2-machine, machine-2-machine)
  3. Defense in depth (employ multiple measures, FW, Zoning, IPS, ACLs, MFA, etc.)
  4. Detection (log the sources that enable root cause analysis and rapid response)
  5. Data Driven Risk Assessment (validate the “gut feeling” with real data)

In this article I would like to expand on the first pillar, “know-the-system”, and the visibility that is the lifeblood of an effective security program. We all know that if we build a house, we need a good foundation to build on, and when it comes to cyber security this principle is also valid. But what constitutes a foundation?

A look at the conventional standards reveals that an inventory (NIST: Identify, ISO 27002: A8 Asset management, CIS Control 1: Inventory and Control of Enterprise Assets) is a fundamental requirement. The logic is simple: there needs to be a clear understanding of the cyber security landscape. Firstly, it is hard to protect what you have no knowledge about, and secondly, when you do know about it, you have to understand the security context to ensure the necessary safeguards are applied. Ask any boxer and he will tell you the hardest punch is the one that you did not see coming! So, our first line of defense is making sure that we know what our critical assets are. And not only that: what are the interdependencies? How do the people and the processes interact with these assets, and what is happening to our precious data as it pumps around our organizational systems with hurricane force?

Good questions need good answers, so let us unlock a precious truth. The key to success is hard-core determination. No more, no less. It is not easy to lock down your assets and map out your application landscape. But it can be done if you stick to your goal with the resolve that is needed to accomplish something truly worthwhile. Maximum visibility. No chasing shadows, no shadow IT.

¹ dictionary.cambridge.org – Chasing shadows “To try unsuccessfully to catch or compete with another person or team who is much faster or better than you”
