Digital Transformation
Showing results for 
Search instead for 
Did you mean: 

Why Converged Security matters: win the Whack-a-Mole game


Over the past weeks I have been blogging about Converged Security, describing some key use cases in a more holistic approach to securing your enterprise. In this fourth instalment I would like to discuss the secure asset lifecycle.


My kids are older now, but I remember the days where every other week we were invited to a birthday party. Many of these parties took place in arcades where one of my favourite games (let’s face it, I had to find something to do while toddlers tore the place apart) was Whack-a-Mole.


I feel for the IT security folks. Their world resembles an endless game of Whack-a-Mole. They scan the environment, fix the security holes and 5 new ones pop up the next day. You may argue that it goes with the territory, and I would agree with you, if it weren’t for the fact that in many cases this is inflicted on them by their IT brethren. Devices, systems, servers, components, applications are continuously deployed into the production environment but often without much thinking into how this may affect security. IT Security is often not even aware that a new system has made it to the production floor until their next scan finds it, at which point they can cure it from its vulnerabilities, but wouldn’t prevention make a lot more sense?

Consider the following picture

Secure asset lifecycle


This is a simple depiction of the Secure Asset Lifecycle. When new assets are being deployed you need to first determine their risk profile. Is it production or test? Is it externally accessible? Is it mission-critical? What technologies does it use? These are just a few simple questions you need the answers to in order to assess the risk profile of the asset. Once you do that you can then decide what compliance controls are needed, how to manage its vulnerabilities and how to continuously monitor it to ensure it remains secure.

Sounds like a lofty goal, so here are a few things you can do today that should not require much effort:

  • Include representatives from security in your change management process (e.g. have IT security represented in your CAB)
  • Add an IT security evaluation as a required step to your release or deployment process

For a more advanced use case, you could – for instance – integrate your IT discovery with your IT security scans to provide a holistic asset register. This will also be of enormous benefit when it comes to Automated Discovery and Remediation, which will be the topic of my next and final blog in this series.

For more information on how to implement converged security, visit, or come and see my colleague Gerben Verstraete present how together we stand, but divided we fall at HP Protect .

About the Author


Jan 30-31, 2018
Expert Days - 2018
Visit this forum and get the schedules for online HPE Expert Days where you can talk to HPE product experts, R&D and support team members and get answ...
Read more
See posts for dates
HPE Webinars - 2018
Find out about this year's live broadcasts and on-demand webinars.
Read more
View all