NIST 2.0 Identify: Asset Discovery Before Hackers Find Your Blind Spots

Commvault
02/17/2026
Transcript


TL;DR

  • Hackers spend an average of 200 days undetected in infrastructure, with organizations requiring 300 days to fully recover from incidents at an average cost of $4.5 million USD per breach.
  • Blind spots — unmonitored home devices, third-party systems, and incomplete logs — are the primary entry points for attackers, even in organizations with sophisticated security tools.
  • A retail ransomware attack affecting 3,000 stores originated from a phishing attack on an employee's spouse's home computer where work credentials were stored.
  • Three identification priorities: monitor network communications, audit identity and authentication flows, and ensure all log sources are connected to SIEM systems.
  • Organizations must define their 'Minimum Viable Company' — the critical processes that must be restored first to maintain business continuity after an incident.

This episode of Commvault's 'Bezpieczeństwo od Kuchni' (Security from the Kitchen) series launches a four-part exploration of the NIST 2.0 cybersecurity framework, focusing on the critical first pillar: asset identification and security governance. Hosted by Anna Rydel from Commvault alongside Paula Januszkiewicz, CEO of CQURE and Microsoft Regional Director, the discussion reveals why organizations struggle to protect what they cannot see.

The conversation opens with sobering statistics: hackers spend an average of 200 days inside infrastructure before detection, organizations require approximately 300 days to recover from incidents, and the average cost of a data breach reaches $4.5 million USD. Paula emphasizes that even companies with robust security tools suffer breaches because of 'blind spots' — unmonitored areas including remote worker home devices, third-party systems, and legacy applications that generate incomplete logs.

A compelling case study illustrates the danger: a retail organization with 3,000 stores was compromised when an attacker inserted a USB drive into a store computer. The initial entry point traced back to a phishing attack targeting an employee's spouse on a home computer, where work credentials were stored. The ransomware spread across all locations before a global firewall detected the encryption key request.

Paula outlines three priorities for effective asset identification:

  • network communication monitoring, to understand which systems are talking to each other;
  • identity auditing, to map authentication flows and access patterns;
  • SIEM integration, ensuring all log sources are connected rather than just the obvious ones.

The hosts introduce the concept of 'Minimum Viable Company' (MVC) — identifying which critical processes must be restored first to maintain business operations. For the retail client, the CISO's primary concern during the incident was whether stores could open on Saturday, demonstrating how cyber resilience directly impacts revenue.

The episode concludes with a philosophical parallel: just as the traditional Japanese matcha ceremony requires full presence and awareness, cybersecurity demands that organizations truly know and understand their digital assets before attackers discover them first.
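The three identification priorities above (network communications, authentication flows, SIEM log-source coverage) can be reconciled against an asset inventory to list blind spots. The sketch below is an added example, not material from the episode; every hostname, account, timestamp and the `find_blind_spots` helper is constructed for illustration, and it assumes flow records, logon events and SIEM source heartbeats have already been exported.

```python
from datetime import datetime, timedelta

# Constructed sample data (hypothetical hostnames, not from the episode).
NOW = datetime(2026, 2, 17, 10, 0)
INVENTORY = {"pos-001", "pos-002", "dc-01", "fw-global"}
FLOWS = [  # (source host, destination host) seen on the network
    ("pos-001", "dc-01"),
    ("pos-002", "dc-01"),
    ("vendor-kiosk", "dc-01"),       # third-party system, not inventoried
    ("home-laptop-7", "fw-global"),  # remote worker's home device
]
AUTH_EVENTS = [  # (account, host the logon came from)
    ("svc-backup", "dc-01"),
    ("jkowalski", "home-laptop-7"),
    ("store-admin", "pos-002"),
]
SIEM_SOURCES = {  # host -> timestamp of the last event the SIEM received
    "dc-01": datetime(2026, 2, 17, 9, 0),
    "fw-global": datetime(2026, 2, 17, 8, 55),
    "pos-001": datetime(2026, 2, 10, 3, 0),  # agent silent for a week
}


def find_blind_spots(inventory, flows, auth_events, siem_sources, now,
                     max_silence=timedelta(hours=24)):
    """Reconcile the three views and return the hosts each one is missing."""
    on_network = {h for flow in flows for h in flow}
    authenticating = {host for _, host in auth_events}
    observed = on_network | authenticating
    everything = observed | set(inventory)
    stale = {h for h, seen in siem_sources.items() if now - seen > max_silence}
    return {
        # Active on the network or in logons, but absent from the inventory.
        "unknown_assets": sorted(observed - set(inventory)),
        # Known or observed, yet the SIEM has never received an event.
        "never_logged": sorted(everything - set(siem_sources)),
        # Registered log source that has gone quiet (incomplete logs).
        "stale_log_source": sorted(stale),
        # Accounts authenticating from hosts outside the inventory.
        "accounts_on_unknown_hosts": sorted(
            {acct for acct, host in auth_events if host not in inventory}),
    }


if __name__ == "__main__":
    report = find_blind_spots(INVENTORY, FLOWS, AUTH_EVENTS, SIEM_SOURCES, NOW)
    for finding, items in report.items():
        print(f"{finding}: {items}")
```

Each non-empty list is a candidate blind spot to investigate: either onboard the host into the inventory and the SIEM, or explain why it is on the network at all.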

Chapters

0:00 - Series Introduction and Host Introductions
2:51 - NIST 2.0 Framework Overview
5:17 - Breach Statistics and Blind Spots
9:30 - Traditional Matcha Ceremony
11:05 - Case Study: Third-Party System Breach
14:05 - Three Priorities for Asset Identification
16:51 - Minimum Viable Company Concept
19:46 - Case Study: 3,000 Store Ransomware Attack
23:27 - Key Takeaways and Series Preview

Key Quotes

6:00 "We generally have a statistic that says a hacker spends those roughly 200 days in the infrastructure before being detected, and it takes the organization about 300 days to bring it to the post-incident state ..."
7:26 "It happens, among other reasons, because, for example, we have so-called blind spots, that is, areas that are not monitored ..."
17:14 "Where are your most critical assets? And it turns out that this seemingly simple question has a very difficult answer ..."
20:23 "Someone has to spend time in the infrastructure to understand what will hurt the most, so why can't we prepare well for that ..."
23:32 "If we are not the first to understand what is critical and important to us, then I think such a criminal group will be able to do it for us, only then it will already be too late ..."
Tags:
  • NIST 2.0 Framework
  • Asset Identification
  • Blind Spots in Security
  • Ransomware
  • Incident Response
  • Business Continuity
  • SIEM Integration
  • Identity Management
  • Remote Work Security
  • Cyber Resilience