What are Assets?
An asset is anything that has value to an organisation and whose availability, integrity or confidentiality must be protected. In the context of IT and OT (Operational Technology), assets are typically physical, digital or logical components that play a role in processes, production or information processing.
🧱 Types of assets in IT and OT
| Type of asset | Examples |
|---|---|
| Physical assets | PLCs, RTUs, SCADA servers, workstations, network switches, field equipment |
| Logical assets | Software applications, operating systems, configuration files, Setpoints |
| Information assets | Historical data, recipe data, alarm notifications, reports |
| Network assets | IP addresses, Firewall rules, VLAN segments, conduits |
| Personnel assets | Knowledge held by operators, administrators and external suppliers |
🧠 Why are assets important?
Mapping assets is essential for:
- Risk analysis (e.g. under ISO 27001, BIO or IEC 62443)
- Security measures focused on critical systems
- Patching and maintenance of systems with known CVEs
- Monitoring with tools such as a SIEM
- Configuration management and audits
- Incident response by CSIRT or CERT teams
🔍 Without insight into your assets, you cannot know what to protect.
🛡️ Asset management & security
- Maintain an asset register with type, location, owner and status
- Classify assets by criticality (e.g. according to BBN)
- Implement Defense in Depth around critical assets
- Monitor changes via Logging, SIEM or network detection
- Secure updates, access and communication with industrial assets
📌 In summary
An asset is anything of value that needs to be protected — from a physical PLC to a digital configuration file. Sound asset management is the foundation for effective security, business continuity and Compliance.