Written with contributions from Bryon Singh, Director of Security Operations, RailWorks Corporation
In the world of cybersecurity, staying ahead of threats requires more than just vigilance; it demands a keen eye for detail and an ability to uncover hidden assets. This is where CIS Safeguard 1.3, "Utilize an Active Discovery Tool," comes into play, much like the legendary detective Sherlock Holmes.
The Case of the Missing Assets
Imagine Sherlock Holmes, with his magnifying glass in hand, meticulously scanning every corner of a room for clues. Similarly, an active discovery tool scans your network, identifying all connected assets, authorized or otherwise. Just as Holmes wouldn't miss a single clue, an active discovery tool ensures no device goes unnoticed.
Daily Deductions
Holmes didn't solve cases by chance; he had a methodical approach, conducting daily investigations. In the same vein, configuring your active discovery tool to run daily (or more frequently) ensures continuous monitoring and immediate detection of any new or unauthorized devices. This proactive approach keeps your network secure and up-to-date.
The Trusty Watson
Every great detective has a reliable partner, and for your active discovery tool, that partner is your IT team. Together, they work to maintain a comprehensive asset inventory, much like Holmes and Watson solving cases side by side. This collaboration ensures that your network remains secure and resilient against potential threats.
By implementing CIS Safeguard 1.3 and utilizing an active discovery tool, you gain the following benefits:
- Identify and manage all devices: No more mystery gadgets lurking in the shadows of your network.
- Spot unauthorized connections: Catch that rogue Raspberry Pi before it causes trouble.
- Maintain better security hygiene: A crucial step towards a stronger security posture.
Embrace the spirit of Sherlock Holmes and take control of your network's security with active discovery. Your data will thank you!
Resources
Here’s a link to the Enterprise Asset Management Policy Template for CIS Control 1, provided free of charge from the fine folks at the Center for Internet Security
Looking for even more details? Here you go. If this still doesn’t satisfy your curiosity, DM me.
CIS Control 1 – Inventory and Control of Enterprise Assets
Actively manage (inventory, track, and correct) all enterprise assets (end-user devices, including portable and mobile; network devices; non-computing/Internet of Things (IoT) devices; and servers) connected to the infrastructure physically, virtually, remotely, and those within cloud environments, to accurately know the totality of assets that need to be monitored and protected within the enterprise. This will also support identifying unauthorized and unmanaged assets to remove or remediate.
CIS Safeguard 1.3 - Utilize an Active Discovery Tool
Utilize an active discovery tool to identify assets connected to the enterprise’s network. Configure the active discovery tool to execute daily, or more frequently.