The NCCoE released a final version of the NIST Cybersecurity Practice Guide, IT Asset Management. For ease of use, the guide is available to download or read in volumes.
Financial institutions deploy a wide array of information technology devices, systems, and applications across a wide geographic area. While these physical assets can be labeled and tracked using bar codes and databases; understanding and controlling the cybersecurity resilience of those systems and applications is a much larger challenge. Not being able to track the location and configuration of networked devices and software can leave an organization vulnerable to security threats. Further complicating this scenario, many organizations include subsidiaries, branches, third-party partners, contractors as well as temporary workers and guests.
To address this cybersecurity challenge, the NCCoE developed a reference design that provides an organization with tools to centrally monitor and gain deeper insight into their entire IT asset portfolio using an automated platform.
IT asset management (ITAM) is foundational to an effective cybersecurity risk management strategy in support of its overall enterprise risk management strategy.
Organizations participating in this project submitted their capabilities in response to an open call in the Federal Register for all sources of relevant security capabilities from academia and industry (vendors and integrators). The following respondents with relevant capabilities or product components (identified as “Technology Partners/Collaborators” herein) signed a Cooperative Research and Development Agreement to collaborate with NIST in a consortium to build this example solution.
A Community of Interest (COI) is a group of professionals and advisors who share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Share your expertise and consider becoming a member of this project's COI.