Several months ago, I was introduced to Cyberpion and the concept of the attack surface that exists in an organization’s online ecosystem. I have worked in cybersecurity for many, many years and yet – this was the first time I had been made aware of the ecosystem as a fertile conduit to security breaches.
It was one of those cases of “I didn’t know what I didn’t know.” Because of my experiences with customers, colleagues, peers, and friends in cybersecurity, I was certain many of them are also unaware of how truly extensive and vulnerable this attack surface is. As I have thought about this gap in awareness, I have also speculated at the root causes and if the cybersecurity industry would come to the same realizations.
Focusing Only on the Perimeter is Shortsighted
Perimeter security is what security professionals have been conditioned to worry about day and night. In recent years, the perimeter has morphed into a dynamic, ever-changing line we must protect that encompasses cloud environments and remote workers. Consequently, the “what” and “where” of the perimeter has blurred and this has raised questions about what a security team needs to defend. My responsibility in recent years has been on tracking and protecting the “new” perimeter and how to extend traditional security tools, practices, and governance beyond the enterprise “legacy” perimeter. Then I was introduced to the online ecosystem attack surface.
The Ecosystem Attack Surface
The first striking thing about an enterprise online ecosystem is the vast scope of it. In his recent blog, Yoni Lebowitsch explained online ecosystems and their potential vulnerabilities. Yoni used the home page of www.wsj.com to visualize the size and scope of the ecosystem that is utilized to build a single web page. Other than sheer size, the number of third-party tools and vendors that are the essence of the ecosystem is staggering. When you consider that nearly every element of that ecosystem represents a potential vulnerability to your organization, the implications are just as astonishing. If you consider that an enterprise’s external ecosystem is 5-10x larger than the elements within its perimeter, organizations may begin to question their security investments, focus, and best-practices.
Don’t Take My Word for It
I was excited to see recent industry news highlighting the legitimacy and seriousness of this cybersecurity space. The announcement of Palo Alto Networks’ proposed Expanse acquisition is a clear endorsement of the fact that major players in cybersecurity, and their global enterprise customers, are beginning to come to the same realization I had when I joined Cyberpion. Attack Surface Management (ASM) vendors offer clear value from their perspective on cybersecurity: they examine the security posture from the outside-in.
Confused? Listen to Nikesh Arora explaining it eloquently to Jim Cramer at Mad Money here. The defenders realize that adopting the attackers’ views is critical to optimizing their security posture. This strategy mimics those adopted by military thinkers. For example, many years ago, in the Israeli Defense Force (IDF), combat officers were asked to plan attacks on their own defense lines using imagination, courage and far-out-of-the-box thinking.
Think Outside the Perimeter
This is what we do here at Cyberpion. We identify the threats that exist outside the perimeter, far beyond what first-generation ASM solutions offer. Our platform searches for the threats that exist Nth degrees of separation from your enterprise. We then take it a step further and look for the vulnerabilities connected to those threats, and the vulnerabilities of those connections, and their connections, etc.
When it comes to online ecosystems your exposure to risk is no different. The more third parties to which you are connected, the more your attack surface grows at an exponential rate. Cyberpion seeks out potential threats along that entire connected chain. When Cyberpion sees the threat coming, you will be the first to know.