Home

Asset & Configuration Management

Asset & Configuration Management
ServiceNow SaaS users: what are the advantages or disadvantages of using ServiceNow's CSDM (Common Service Data Model) rather than an alternative reference model for the CMDB?

Top Answer: Implementation will be easier. The bigger issue will be when upgrading. The more you customize the more difficult updates and upgrades become

79 views
1 comments
0 upvotes
Related Tags
If you are a current SAP customer, when do you plan to migrate to SAP S/4HANA?

Top Answer: No plan to migrate soon.

6018 views
20 comments
101 upvotes
Related Tags
People & Leadership
Strategy & Architecture
Cloud
End-User Services & Collaboration
Applications & Platforms
Engineering
Governance, Risk & Compliance
Data & Analytics
Business Intelligence
Disruptive & Emerging Technologies
Team & Organizational Design
Security Strategy & Roadmap
IT Strategy & Roadmap
Outsourcing & Managed Services
Network
Compute
Storage
Backup & Disaster Recovery
Public Cloud
Hybrid Cloud
Contact Center & Telecom
Data Center
Device Management
End-User Devices
Mobile
Productivity Tools
Collaboration Solutions
Document Management
Finance
Business Applications
Legal
Human Resources (HRIS)
Technical Product Management
Software Development
DevOps
Quality Assurance
Continuous Integration/Continuous Deployment (CI/CD)
Enterprise & IT Service Management (ITSM)
Availability & Capacity Management
KPIs, Metrics & Reporting
Financial Management
Vendor Management
Service Desk
Management Tools
Risk Management
Data Privacy
Artificial Intelligence & Machine Learning (AI/ML)
Data Warehouse
Integrations
Security & GRC
Identity & Access Management (IAM)
Blockchain
IoT
Innovation
5G
Peer Insights
Feedback
Vendor/Product Recommendation
Business Continuity & Disaster Recovery
Crisis Management
Customer Engagement
Customer Relationship Management (CRM)
Enterprise Resource Planning (ERP)
Business Relationships
Talent Management & Performance
Portfolio, Program & Project Management
Data Management
Big Data
Vendor/Product Assessment
Process Management
Asset & Configuration Management
Infrastructure
Performance
Operations Management
Mobile Development
Testing
If these companies were affected then the foundation of computing could be at risk. If you could manipulate at the hardware layer via the firmware, BIOS, ect then a threat actor could weaponize well below the operating system which brings in to question the integrity of the entire computing stack and everything above it.  The firmware and bios are like the rebar and concrete for a building. If that foundation is weak then the entire structure and anything dependent on it is at risk. We cannot underestimate the potential or the severity of these companies being potentially affected by the SolarWinds hack and what that means for the foundational computing hardware they provide to the world.  What do others think ?  How could this impact your organization ?   Big tech companies including Intel, Nvidia, and Cisco were all infected during the SolarWinds hack - The Verge

Top Answer: The message here is: one is never out of the woods ever, so pay attention! Just because today's news eclipses yesterday's doesn't mean companies get to shove the bad under the rug and stay silent. Remember, vulnerabilities discovered 10-15 years back are still at the top of the list of the most exploited.

What are your thoughts on SaaS management platforms (SMP)?

Top Answer:

116 views
0 comments
3 upvotes
Related Tags
People & Leadership
Strategy & Architecture
Cloud
End-User Services & Collaboration
Process Management
Governance, Risk & Compliance
Data & Analytics
Business Intelligence
Security & GRC
Disruptive & Emerging Technologies
Team & Organizational Design
Talent Management & Performance
Culture & Values
Financial Management
Security Strategy & Roadmap
IT Strategy & Roadmap
Outsourcing & Managed Services
Network
Compute
Storage
Backup & Disaster Recovery
Public Cloud
Hybrid Cloud
Contact Center & Telecom
Data Center
Device Management
End-User Devices
Mobile
Productivity Tools
Collaboration Solutions
Document Management
Finance
Business Applications
Legal
Human Resources (HRIS)
Technical Product Management
Software Development
DevOps
Quality Assurance
Continuous Integration/Continuous Deployment (CI/CD)
Enterprise & IT Service Management (ITSM)
Availability & Capacity Management
KPIs, Metrics & Reporting
Vendor Management
Service Desk
Management Tools
Risk Management
Regulatory Compliance
Data Privacy
Artificial Intelligence & Machine Learning (AI/ML)
Data Warehouse
Integrations
Data Lake
Threat & Vulnerability Management
Identity & Access Management (IAM)
Security Operations Center (SOC)
Augmented & Virtual Reality (AR/VR)
Blockchain
IoT
Innovation
Cryptocurrency & Bitcoin
Bots
5G
Peer Insights
Vendor/Product Recommendation
Business Continuity & Disaster Recovery
Crisis Management
Customer Engagement
Customer Relationship Management (CRM)
Enterprise Resource Planning (ERP)
Threat Intelligence & Incident Response
Talent Sourcing & Hiring
Employee Engagement
Mentoring & Coaching
Training & Certification
Business Relationships
Portfolio, Program & Project Management
Data Management
Big Data
Vendor/Product Assessment
Asset & Configuration Management
Infrastructure
Performance
Contact Center Solutions
Applications & Platforms
Engineering
Operations Management
Mobile Development
Testing
Data Protection & Encryption
Do you think the SolarWinds breach will have a significant or lasting impact on how IT approaches supply chain risk management?

Top Answer: I was pulled into a wide variety of peer dialogues from the day that the SolarWinds breach discovery occurred, because of my time at Intel and stuff that I had done there in supply-chain risk. My concern, when I was Chief Security and Privacy Officer at Intel, was always a nation-state actor looking to weaponize the technology that Intel created, to do harm. I always saw information security as inextricably linked to the product security and the technology. I think the SolarWinds issue is a clear example of that linkage. I've been at odds with a number of my peers in the industry who still see them as quite separate, now it's probably a little bit different, but many of them had InfoSec completely separated from product security and they very rarely intertwined themselves. And Intel, as I said, had this in their environment. When you think about that in firmware, Bios, validation engineers doing that type of stuff, it brings into question some aspects of the foundation of computing. Because if they were in Intel's infrastructure, if that report was accurate, and they did have a foothold, if it was that type of nation-state actor, they would be trying to do things more surreptitiously, well below the operating system to keep stronger footholds in other organizations. I think it's a Richter 10 type item but I've always seen this as a Richter 10 type item. I'm just, frankly, surprised that it took this long for this type of thing, at that level of infrastructure, to be found. And I'm sure it's not the first one. I'm sure there's other ones that are there that are yet to be found.

How did the security ecosystem allow for the kind of attack we have seen with SolarWinds?

Top Answer: The SolarWinds component is just yet another aspect of a soft supply-chain piece. I would actually bet, probably almost any amount of money, that if you went to and grabbed any random Fortune 1000 CISO and said, "Hey, tell me who your top 40 suppliers are," they would literally have no clue. They'd be like, "Well..." There's big tech companies they might be able to name but actual software, data flow components, we've just never paid attention and we've continued to not pay attention.