Join SecureTheVillage Founder & President Dr. Stan Stahl for the next Technology & Security Management HappyHour on September 28th!
Discussion Topic: Inventory and Control of Enterprise and Software Assets
Description: During September’s meeting we will discuss the first two controls in the Center for Internet Security Controls, Version 8.
Control 01: Inventory and Control of Enterprise Assets. “Actively manage (inventory, track, and correct) all enterprise assets (end-user devices, including portable and mobile; network devices; non-computing/Internet of Things (IoT) devices; and servers) connected to the infrastructure physically, virtually, remotely, and those within cloud environments, to accurately know the totality of assets that need to be monitored and protected within the enterprise. This will also support identifying unauthorized and unmanaged assets to remove or remediate.”
Control 02: Inventory and Control of Software Assets: “Actively manage (inventory, track, and correct) all software (operating systems and applications) on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution.”
While it’s easy to write down things that everyone needs to do, it’s quite another to get it all working down at ground level. Everyone in the meeting will have found aspects of these controls that are simple and aspects that can be extremely challenging … like keeping track of inventories in the work from home environment.
- What should be a slam dunk for any IT Department / IT vendor / MSP worth their salt?
- What’s so basic that it’s absence is a sign of inadequate security management?
- Where do inventories begin to break down? Where do the challenges start?
- What tools do you find useful for managing hardware and software assets?
- And – fundamentally – what do you count as an “enterprise asset?”
Meeting Format: The meeting is an open discussion facilitated by SecureTheVillage president, Dr. Stan Stahl. There will be no presentation.
Our perspective is that managing IT security is somewhat like the metaphor of the blind men describing an elephant.
Come prepared to share both your knowledge and your ignorance as we both learn from and educate each other.
We look forward to welcoming you into our discussion.
Preparation: Please review Control 1 and Control 2 in the Center for Internet Security Controls, Version 8. https://securethevillage.org/resources/cis-controls-version-8 and come prepared to discuss how your firm manages these controls, either in-house or in support of your clients.
Who should attend: IT and information security professionals, including MSPs. MSSPs, In-house IT professionals, Information security professionals, CIOs, CTOs, CISOs, Directors of IT, etc.
Technology & Security Management Happy Hour is a Peer-to-Peer Roundtable in “Happy Hour Format”
Peer-to-Peer Roundtables are educational / networking events where we come together to discuss IT security challenges and solutions. As a diverse community, our various backgrounds and areas of expertise become an asset in navigating the complex issues we face in an ever more digitally dependent environment.
Our Peer-to-Peer Happy Hour series is ‘after-hours,’ offering a less formal structure for conversation and connection than our traditional Roundtable series. We hope you’ll join us!
Objectives:
- Deal with real issues
- Solve real problems
- Have fun
- Build community
