Identify Assets

Within the Identify core function of the Cybersecurity Framework of CCB Belgium, a number measures and processes are established and managed. All with the purpose of identifying assets like systems, data, people, buildings, software, data till buildings and other assets defined. 

On this page you will learn what is being expected  from the NIS2 law and what kind of solutions Kappa Data can offer you. 

Ask for a meeting

Identify definition from Cyberfundamentals Framework

In the Cyberfudamentals framework of CCB Belgium a list of measures are described where you can find the headlines below : 

  • Physical devices and systems used within the organization are inventoried 
  • Software platforms and applications used within the organization are inventoried
  • Organizational communication and data flows are mapped
  • External information systems are cataloged
  • Resources are prioritized based on their classification, criticality and business value
  • Cybersecurity roles, responsibilities, and authorities for the entire workforce and third-party stakeholders (like suppliers, customers, partners) are established. 
  • The organization’s role in the supply chain is identified and communicated. 
  • The organization’s place in critical infrastructure and its industry sector is identified and communicated
  • Priorities for organizational mission, objectives and activities are established and communicated. 
  • Dependencies and critical functions for delivery of critical services are established
  • Resilience requirements to support delivery of critical services are established for all operating states (like under duress/attack, during recovery, normal operations)
  • Organizational cybersecurity policy is established and communicated
  • Legal and regulatory requirements regarding cybersecurity, including privacy and civil liberties obligations, are understood and managed. 
  • Governance and risk management processes address cybersecurity risks. 
  • Asset vulnerabilities are identified and documented
  • Cyber threat intelligence is received from information sharing forums and sources. 
  • Threats, vulnerabilities, likelihoods and impacts are used to determine risk. 
  • Risk responses are identified and prioritized. 
  • Risk management processes are established, managed and agreed by organizational stakeholders
  • Organizational risk tolerance is determined and clearly expressed. 
  • The organization’s determination of risk tolerance is informed by its role in critical infrastructure and sector specific risk analysis. 
  • Cyber supply chain risk management processes are identified, established, assessed, managed and agreed to by organizational stakeholders
  • Suppliers and third-party partners of information, components, and services are identified, prioritized and assessed using a cyber supply chain risk assessment process. 
  • Contracts with suppliers and third-party partners are used to implement appropriate measures designed to meet the objectives of an organization’s cybersecurity program and the Cyber supply chain risk management plan. 
  • Suppliers and third-party are routinely assessed using audits, test results, or other forms of evaluations to confirm they are meeting their contractual obligations. 
  • Response and recovery planning and testing are conducted with suppliers and third-party providers

 

Identification Assets

You can’t protect what you don’t see

Everything starts with identification of your assets. Assets are within the NIS2 directives defined as IT systems, Software applications, Data, People, Procedures, Building(s), Cars, knowledge, etc. All of these assets needs to be inventoried and risk analysis needs to be performed for each asset. 

For example : you have one person that knows every detail of the production mix of a product, but this person becomes sick for a longer time. When you did’t documented his/her knowledge, then you might have a severe risk. For IT-systems it is evident that these systems are equipped with the latest security solutions, in order to protect your systems against the most modern cyber attacks. 

Kappa Data has different solutions to offer that fills in several parts within this identenfication and risk analysis process. 

Let’s look at the different solutions : 

Asset Identification and Risk Analysis

In alignment with the Identify Core function of the NIS2 directives in Belgium, the organization needs to be committed to a comprehensive approach to asset identification and risk analysis. This strategy ensures that all IT, IoT, and OT devices within our network are accounted for, secured, and managed effectively.

To achieve this, Kappa Data is leveraging several advanced solutions:

1. Identifying Assets via Armis: 

Armis is a robust platform used for identifying all connected devices within our network. It plays a critical role in vulnerability management, enabling us to continuously monitor and secure IT, IoT, and OT devices. With Armis, we gain full visibility into our device landscape, helping us identify and mitigate risks promptly.

2. Network Access Control (NAC) by Extreme: 

The NAC solution from Extreme Networks is essential for determining and controlling who can access various segments of our network. This solution enforces security policies, ensuring that only authorized users and devices can connect to our network resources. By doing so, it significantly reduces the risk of unauthorized access and potential security breaches.

3. Authenication with OneLogin: 

OneLogin is our chosen platform for the authentication process of users accessing our network. This solution simplifies and secures user authentication, providing single sign-on (SSO) capabilities and multi-factor authentication (MFA). It ensures that only verified users can access critical systems and data, thus enhancing our overall security posture.

3.1 Single Sign-on

With single sign-on users only have to enter one set of credentials to access their web apps in the cloud and behind the firewall – via desktops, smartphones and tablets. This foundational identity and access management (IAM) measure is a first step in building trusted experiences for your workforce, customers, and partners.

3.2 Multi-factor authentication

Multi-factor Auhtentication or MFA is an important part for secure access to your business applications or your network, especially in the current cyberspace environment. Within the NIS2 directives, MFA is highly recommended. On this page we will explain the role of MFA for your users and how you can improve MFA by the use of Smart-Factor Authentication.

3.3 SmartFactor Authentication

With cyber attacks on the rise, it’s more important than ever to defend against phishing and account compromise. The Verizon 2022 Data Breach Investigations Report indicated that nearly 50% of breaches involve the use of stolen credentials. Although Multi-Factor Authentication (MFA) has emerged as a common tool to protect user credentials and sensitive company data, traditional solutions create annoyances for end-users and negatively impact productivity.

3.4 Advanced Directory

Synchronize users from multiple directories such as Workday, Active Directory, LDAP, G Suite and others with OneLogin

3.5 Identity Lifecycle Management

OneLogin Identity Lifecycle Management emphasizes efficient onboarding by importing entitlement definitions from every application and offering flexible rules for user entitlements. Role, department, location, and title are the basis for access control.

3.6 Onelogin Access

OneLogin Access extends the reach of the OneLogin Trusted Experience Platformâ„¢ to applications hosted on-premises and in public or private clouds. We bring the benefits of the cloud to you: simplified administration, reduced IT costs, improved security, and enhanced user experience.

3.7 Virtual LDAP

OneLogin’s Virtual LDAP Service (VLDAP) enables you to use OneLogin as a cloud-based LDAP directory to authenticate (bind) users, and search user attributes and OneLogin roles for authorizations. VLDAP enables integrations with legacy systems that require an LDAP endpoint for authentication and authorization.

3.8 Onelogin Desktop

OneLogin Desktop binds machines to the OneLogin Cloud Directory. If you’re cloud-first, that may be all you need. If you’re using Active Directory, OneLogin synchronizes with it to manage identities and credentials without requiring binding to an AD domain—making it even easier to move off AD completely.

4. Vulnerability management of Assets

With Armis, it is possible to have a general overview of your Asset Inventory and which assets show vulnerabilities. Armis will even help by the use of Machine learning and AI to prioritize vulnerabilities, so that we know which vulnerabilities needs to be addressed with priority. 

Click on the titles to have more information on each solution. 

Identify core function of the Cyberfundamentals framework