Effective asset management forms the backbone of a robust cybersecurity strategy, yet many organizations remain unaware of their true asset inventory. In a recent survey by Axonius, only 45% of security leaders confirmed having a unified view of their asset and exposure data, revealing a significant oversight in security protocols. Lumen Technologies, a telecommunications giant, embarked on a quest to rectify this issue, showcasing a transformative approach to exposure management.
Revamping Asset Inventory at Lumen Technologies
Founded nearly a century ago, Lumen Technologies faced a common challenge among large enterprises: fragmented asset data. Geoff Krahn, leading the Product and Platform Security division, leveraged the Axonius asset intelligence platform to fuse over 40 disparate systems into a cohesive asset view. This initiative uncovered a staggering 60-fold increase in known devices, prompting a foundational overhaul of their exposure management.
The initial reconciliation revealed a leap from an estimated 17,000 cyber assets to an astounding 500,000, eventually identifying approximately 1.1 million devices under Lumen’s purview. This revelation underscored gaps in asset control and catalyzed leadership support and funding for enhanced security measures.
The Impact of Accurate Asset Data on Security Operations
Enhancing asset data accuracy has far-reaching benefits in cybersecurity, particularly concerning zero-day vulnerabilities. Lumen’s improved data management allows for swift identification and response to vulnerabilities, crucially determining exposure and ownership in minutes. This rapid response capability is facilitated by integrations with Axonius, enabling timely alerts and actions.
Additionally, Lumen’s Application Posture Dashboard integrates control coverage and vulnerability data, offering insights beyond the infrastructure level. By aligning application risks with revenue streams, Lumen successfully ties cybersecurity measures to business impact, driving informed decision-making.
Moving Beyond Traditional Vulnerability Management
Traditional vulnerability management often relies on CVSS scores, leading to inefficient prioritization. Lumen’s strategy, powered by accurate asset data, shifts focus to risk-based management. By correlating technical findings with business criticality and asset context, Lumen prioritizes remediations that offer significant risk reduction, moving away from the ineffective ‘scan and spam’ methodology.
This approach not only improves exposure management outcomes but also highlights areas where asset data accuracy still requires enhancement, fostering continuous improvement.
Strategic Decisions Enabled by Trusted Data
Lumen’s leadership witnessed a paradigm shift in decision-making, driven by comprehensive asset visibility. The end-of-life insights derived from Axonius data propelled the decision to migrate major infrastructure components to the cloud, reducing risk by 40%. The newfound clarity also justified a tenfold increase in security investments and facilitated board-level reporting on critical metrics such as asset coverage and compliance.
The experiences of Lumen Technologies serve as a cautionary tale for enterprises globally. Without vigilant asset data evaluation, exposure management efforts might rest on shaky foundations. Organizations are encouraged to scrutinize their asset inventories and learn from Lumen’s success in transforming exposure management.
For additional insights into risk-based exposure management, explore further information about Axonius Exposures and its applications at an enterprise scale.
If this topic intrigues you, stay connected with us through Google News, Twitter, and LinkedIn for more exclusive content.
