By Kaz Greene, Solutions Engineer at Censys
The external attack surface of companies continues to grow, presenting threat actors with a larger opportunity to gain access to exposed assets.
Defined as the set of Internet assets relevant to an organization’s cybersecurity posture, including everything from digital assets like websites and remote networks to applications and servers. In many cases, hackers find it easier to attack these assets and use them as entry points into a company’s technology system than a direct attack.
This increased exposure has enhanced the need for Attack Surface Management (ASM) solutions, which provide organizations with comprehensive insight into their Internet-exposed assets. ASM technology helps organizations understand the full depth of their digital assets, allowing them to proactively address their riskiest exposed assets before they become a greater issue.
The Acceleration of Digital Transformation and Connected Devices
Over the past several years, attack surfaces have grown because of digital transformation and the desire to have everything online. With the increase in adopting cloud services, the distribution tends to be complex and ephemeral. There are trends toward putting internal, web-based services on the public internet, acquisitions, collaboration tools and outsourcing of non-essential services to third-parties leading to accelerated growth.
A recent study from research firm ESG showed that only 9% of organizations believe they actively monitor 100% of their attack surface. The same study also showed that organizations often underestimate the size of their attack surface by as much as 40%, leaving them in the dark about their true exposure.
The old cyber security axiom states, “you cannot defend what you cannot see.” Today, technology teams cannot see a lot of what they must defend. Technology leaders now have larger digital footprints and a lack of visibility into all that entails.
A Cloud Journey Filled with Oversights
Most organizations already faced a version of this challenge when they began adopting more cloud services and applications over a decade ago. While there are parallels, the current technology environments continue to grow because of cloud computing, requiring security tools that grow with them.
The acceleration has led to countless oversights – from AWS S3 bucket misconfigurations to end-point exposures – and the acceleration is not letting up. According to Forrester, 43% of IT decision-makers have already migrated to the cloud and public cloud spending is expected to more than double within the next three years.
This new reality requires new tools. Security teams will not be able to keep up with the expanding clouds – and the misconfigurations that can happen – unless they leverage an ASM solution that can provide an accurate accounting of all digital assets.
ASM in the Current Landscape
ASM automates the identification and classification of digital assets. It allows organizations to keep track of their digital footprint and implement protection strategies to manage this growing area while also prioritizing and identifying exposures for remediation.
Modern ASM tools can provide real-time attack surface analysis and vulnerability management. This is a step forward from even a few years ago when ASM tools conducted updates on a set schedule. ASM can find assets and check for exposures such as command and control (C2) infrastructure in your environment, misconfigured cloud storage objects, exposed dev tools like Kubernetes, or security hygiene issues.
ASM tools can help organizations build more complete internet and cloud exposure inventories, proactively defend against critical risks and provide meaningful insights to simplify communicating security program effectiveness. With the right ASM solution, organizations can instantly improve the ability to discover and investigate threats, prioritize needs and quickly remediate issues, and create strong benchmarks for company-wide reporting.
Along with a company’s organic growth, ASM also benefits companies going through a merger or acquisition. Adding new digital assets to an already growing attack surface presents a host of new exposures and challenges.
We have found that 40% of companies who went through a merger and acquisition transaction experienced a cybersecurity problem post-acquisition. As organizations continue to grow, they need to evaluate their security posture every step of the way.
The Future of ASM
ASM will continue to grow and adapt. ESG discovered that organizations who used ASM solutions found:
- 31% of users identified more sensitive data in unknown locations
- 30% of users spied on websites with a direct or indirect path to their networks
Now is the time for organizations to incorporate ASM solutions into their cyber defense. The growth of attack surfaces puts the entire enterprise at risk for attack. Take proactive steps to control your internet exposure before it grows out of control.