If you’re not familiar with cybersecurity asset management, it may sound to you like it’s awfully similar to IT operations management (ITOM).
While cybersecurity asset management does tie into many objectives of an ITOM program, there are some key differences, too.
What is IT Operations Management (ITOM)?
IT Operations Management is the management of all technology components within an organization. This includes: infrastructure, applications, services, storage, and network connectivity. The ultimate goal of ITOM is to ensure a company’s processes and services are always available and efficient.
While IT Operation functions differ from company to company, the key responsibilities include:
- IT and Desktop support teams
- Device management: including servers, mobile devices, and more.
- Network infrastructure: ensuring external and internal network connectivity, access for remote users, and resolving network-related issues
What is Cybersecurity Asset Management?
Cybersecurity Asset Management is the process of gathering asset data (devies, cloud instances, and users) to strengthen core security functions, including:
- detection and response
- vulnerability management
- cloud security
- incident response
- continuous control monitoring
The Similarities
Many common responsibilities of ITOM are prerequisites to a successful Cybersecurity Asset Management program. These include:
Network Infrastructure Management:
- Taking an inventory and monitoring all company owned networks
- Managing network access, both for employees and people external to the company
Device management
- Ensuring newly provisioned IT assets (desktops, laptops, mobile devices, servers, and even IoT and cloud instances) have necessary security controls
- Ensuring devices are running company sanctioned software and applications
IT and Desktop support
- Resolving incidents
- Creating and managing user profiles and system access
The Differences
Tools used for IT Operations Management ultimately help ensure IT assets are always available and used efficiently. But they don’t necessarily ensure that they are secure.
Cybersecurity Asset Management tools are used to track all IT assets, correlate data pertaining to each asset, and understand how assets meet company security policies and processes.
See how asset management can improve cybersecurity functions: get a free copy of “Why Does Asset Management Matter for Cybersecurity?”
Noah Simon is Director of Product Marketing at Axonius. Noah is passionate about cybersecurity, and always seeking to understand how new technologies can help companies and individuals protect themselves from the continually evolving risk landscape. Noah has previously held product marketing roles at BitSight, Cybereason, and White Ops.