Glossary

Known assets represent the identifiable components within an organization’s IT infrastructure that are recognized and acknowledged by the company’s IT management or security teams. These assets encompass a broad spectrum of digital resources, including hardware devices, software applications, network infrastructure, databases, and cloud services, among others, that are integral to the organization’s business operations and IT ecosystem.

While known assets are typically documented and accounted for within the organization’s asset inventory or configuration management database (CMDB), they can still introduce security risks and vulnerabilities if adequate security controls and safeguards are not implemented and maintained. Despite being actively managed and monitored, known assets remain susceptible to various cyber threats and attack vectors, such as malware infections, unauthorized access, insider threats, and data breaches, especially if security measures are inadequate or outdated.

Therefore, organizations must adopt a proactive approach to cybersecurity risk management, which involves continually assessing and addressing the security posture of known assets, identifying and remediating vulnerabilities, and implementing robust security controls and best practices to mitigate potential risks effectively. By prioritizing security measures and maintaining visibility and control over known assets, organizations can strengthen their overall cybersecurity resilience, minimize the likelihood of security incidents, and safeguard critical business operations and data assets from potential threats and unauthorized access.