You can’t safeguard something if you don’t know it’s there in the area of cybersecurity. Enter cybersecurity asset management, an admittedly unappealing facet of a burgeoning business that has piqued investors’ interest in recent months. Some are hailing 2021 as the “golden year” for the cybersecurity business, with funding for cyber startups increasing by 138 percent to $29.5 billion and M&A activity increasing by more than 294 percent to $77.5 billion. Those tasked with protecting an organization’s internet-facing assets have gotten more attention than the average.
Sternum, a Tel Aviv-based startup that provides real-time asset management for internet-connected devices, has raised $27 million; Censys, a search engine for networked devices, has raised $35 million; JupiterOne, a platform that helps companies see all of their digital and cloud assets, has raised $19 million; and Axonius, which allows organizations to manage and track computing-based assets, has raised $100 million in the last year.
Big-name tech companies, too, recognize the worth of this often-overlooked sector of the industry. RiskIQ, a firm that gives visibility into what assets, devices, and services can be accessed outside of a company’s firewall, was purchased for $500 million by Microsoft in July, and the company described the acquisition as a “strong” addition to its portfolio.
While asset management was originally the responsibility of in-house IT teams responsible for on-premise hardware, it has developed to the point where it now falls within the jurisdiction of the chief information security officer and is the foundation of any successful cybersecurity plan. Asset management is a fundamental concern for security leaders, and the revolution we’ve witnessed with modern digital infrastructure has given us additional motivation to address it.
Because organizations require a thorough and reliable inventory of their internet-facing assets in order to effectively handle security risks, this is the case. Organizations now have more diversified assets and platforms in place than ever before, ranging from operational technology systems and Internet of Things (IoT) devices to company-owned and cloud-based services, thanks to the pandemic-induced digital revolution.
Assets have become more widely distributed as a result of the emergence of new asset kinds and the widespread move to remote employment, making them even more difficult to manage and catalog. “When workforces were physically sitting in corporate buildings and on company networks, asset inventory was a concern,” Paul Baird, chief technical security officer at security and compliance firm Qualys, told TechCrunch. “As the epidemic has solidified a new normal of totally remote or hybrid working techniques, the issues around asset inventory have only grown more onerous.”
