Todd Carroll, VP of Global Operations and CISO for CybelAngel

Every day we see more global turmoil. With geo-political unrest, pandemic slowdowns, inflation, and supply chain issues, it seems there is more uncertainty than ever before. Add to this the business shifts between ‘work from home’ and ‘back to the office,’ ‘stored in the cloud’ and ‘bring your own device,’ and the picture quickly gets complicated.

In the midst of this complexity reside vulnerabilities, and within vulnerabilities, cyber criminals thrive. For CISOs, protecting business systems is harder every year as cyber criminals become better at finding these vulnerabilities and the means to exploit them. Continually re-fortifying end-points seems to be merely an exercise against time, as bad actors always seem to find another way in. So shouldn’t we approach securing systems the same way bad guys approach infiltrating them, from the outside-in? Of course! Only faster, and better, and more thoroughly than the bad actors can.

So how can you be sure it’s time for this approach? Ask yourself these 5 questions:

1) How closely am I able to monitor my attack surfaces?

Attack Surface Management (ASM) is the continuous monitoring, discovery, inventory, classification, and prioritization of sensitive external assets within an IT organization’s infrastructure. But it’s nearly impossible to keep up with the ever-growing number of assets, devices, shadow IT, file servers, cloud buckets, files and applications that are shared with suppliers and partners, linked to outside technology solutions, and stored in the cloud. In fact, very little is actually contained within firewall perimeters anymore.

2) Can I identify all my internet-accessible assets?  

One thing’s for sure: you can’t secure what you can’t see. The internet is broader and more extensive than maybe anyone knows… and the potential for having unknown attack surfaces hiding within it is insurmountable. Without visibility of all assets connected to your network, including devices, websites, applications, databases, shared files, etc., your systems are vulnerable. And there’s no way to proactively monitor and protect a digital footprint if you’re unsure of its size.

3) Do I have critical vulnerabilities I don’t know about?

Most likely, yes. According to IBM’s X-Force Threat Intelligence Index 2022, over the past five years, the number of vulnerabilities discovered annually has steadily increased. More concerning, the number of exploits, or tools threat actors use to take advantage of vulnerabilities, is also rising. So doesn’t it make sense to look for the solution in the same place the bad guys are finding the cause of the problem? External Risk Protection combines External Attack Surface Management (EASM), to find exposed attack surfaces (aka open doors), and Digital Risk Protection Services (DRPS), to uncover leaked information and credentials (aka keys), so you can eliminate these vulnerabilities altogether.

4) How well is my supply chain protected?

Do you have a complete picture of your interconnected digital ecosystem, including all vendors, suppliers, customers, partners, clients, distributors, patients, and other 3rd party relationships? Most CISOs don’t; their ecosystems are just too vast, too distributed, and frankly, too unknown. Even if you do, your vendors likely have risk factors they’re not aware of. Or their vendors have unknown risk factors, or their vendors’ vendors do… you get the picture. Monitoring your entire ecosystem of 3rd, 4th, and 5th party connections requires a holistic, pre-emptive, outside-in strategy.

5) How difficult is it to adopt a pre-emptive strategy?

It is imperative to have visibility outside of your organisational network. It’s not always clear where you are leaking sensitive information or where critical assets are exposed. Scouring every layer of the web is important to prevent any potential security incident that can threaten critical company assets. Having a dedicated team of skilled analysts to monitor external platforms for leaked data can also provide effective protection against data-driven security incidents. Implementing a pre-emptive strategy is infinitely easier and less costly than a single breach.

Media Contact:

Nicole Spruijt

Cybelangel@coderedcomms.com