In the world of cybersecurity, you can’t secure something if you don’t know it’s there.
Enter cybersecurity asset management, an admittedly unsexy snippet of the booming industry that investors have shown increasing interest in over the past 18 months.
The cybersecurity industry experienced what some hailed as a “golden year” – funding for cyber startups rose 138% to $29.5 billion in 2021 and M&A activity skyrocketed by more than 294% to $77.5 billion. And those focused on securing an organization’s Internet-facing assets have received more attention than most.
In the past 12 months alone, Sternum, a Tel Aviv-based startup that provides real-time asset management for internet-connected devices, has raised $27 million; Censys, a network device search engine, raised $35 million; JupiterOne, a platform that helps businesses see all their digital and cloud assets, has raised $19 million; and Axonius, which allows organizations to manage and track computer-based assets, raised $100 million.
Major tech giants are also clearly seeing value in this oft-overlooked part of the industry. Microsoft spent $500 million in July to acquire RiskIQ, a company that provides visibility into what assets, devices and services are accessible outside a company’s firewall, describing the acquisition as a “powerful” addition to its portfolio.
Assets, assets everywhere
While asset management was once the concern of in-house IT teams managing on-premises hardware, it has evolved to justify the Chief Information Security Officer’s authority and is the backbone of any effective cybersecurity strategy.
Asset management is a fundamental challenge for security leaders, and the transformation we’ve seen with modern digital infrastructure has given new impetus to fix it. Shawn Cherian
To effectively address security vulnerabilities, businesses need a comprehensive and reliable inventory of their Internet-facing assets. Once made up of PCs and servers, the pandemic-driven digital shift means organizations have more diverse assets and more platforms than ever before — from operational technology systems and Internet of Things (IoT) devices to proprietary and cloud-based services.
The proliferation of new asset types, along with the widespread shift to remote working, has resulted in assets becoming more dispersed, making them even more difficult to manage and inventory.
“Asset inventory has traditionally been a challenge when a workforce was physically located in corporate offices and on corporate networks,” Paul Baird, chief technical security officer at security and compliance giant Qualys, told Marketingwithanoy. “As the pandemic solidifies a new normal of either fully remote or hybrid work approaches, the complexities surrounding asset inventory have only grown in difficulty.”