Co-writer: Vegard Reiersen
The world is more digitally connected than ever before. Criminals take advantage of this online transformation to target the ever-changing digital attack surface and weaknesses in online systems, networks, and infrastructure. Does Attack Surface Management offer solutions to these complex challenges?
Cyber crime knows no national borders. Criminals, victims and technical infrastructure span multiple jurisdictions, bringing many challenges to investigations and prosecutions.
What is Attack Surface Management?
If you are remotely interested in Cyber Security, you have probably heard about Attack Surface Management. In case you have not, let us break it down a little.
We define the attack surface as a compilation of all digital assets related to the brand. This includes but is not limited to your domains, third parties, shadow IT, external phishing websites, brand abuse and supply chain risk. To simply put it, these are various ways an attacker can get into your business network or device to steal or change vital data.
Attack Surface Management is essentially enabling you to discover the above mentioned changes and threats in your digital landscape.
Here are the 5 reasons why you should explore Attack Surface Management:
Knowing yourself and your entire digital attack surface allows you to make decisions that can reduce your potential of being hacked.
Realign Security Thinking
Getting an ethical hacker’s perspective on your business, positions your security teams or SOC to more efficiently prioritize areas of the attack surface.
React Faster to emerging Threats
Security teams must move faster than attackers when vulnerabilities and exploits are disclosed. This is only possible if the attack surface is mapped out on a continuous basis.
Improved control of your attack surface helps mitigate risk of being attacked. Loss of data, associated recovery costs and downtime to restart operations can be a steep price to pay. It is important to weigh the cost of dealing with an attack versus the value of preventive measures.
One of the most important factors of business growth is customer retention. Maintaining brand loyalty through a strong cyber position is paramount for customers today.
How often do you check your (de)fence?
Faster – better – stronger?
There is a reason why Attack Surface Management gain so much traction. It just seems logical to most people that to allow us to beat Cyber Criminals, we must do the same as the criminals do – only faster (and better). In River Security, we have adapted a concept from military strategy called “OODA-loops”. We need to observe changes and developing threats, orient ourselves and the customer on the matter at hand, decide which measures to defeat the adversary with and finally act on the measures.
River Security and Attack Surface Management
Active Focus is a proactive Attack Surface Management service with the purpose of continuously observing the known tactics, techniques and procedures (“TTP”) attackers and criminals are utilizing online and against our organizations. Through the continuous observation and proactive testing, we increase security, reveal vulnerabilities, and prevent attacks by proactively identifying vulnerabilities. As the digital attack surface is subject to changes daily, new services are provisioned and existing services changes.
Instead of penetration testing once a year, we penetration test every change, every opportunity, always.
The goal of our Attack Surface Management service is to minimize the available attack surface for attackers. The remaining attack surface is continuously and always vetted by our professional penetration testers who utilize expert competency, tools, techniques and automation to best defend the customer.
“You can’t clean the house when the lights are off!”Chris Dale, Principal Consultant and Co-Founder, River Security