Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
It seems a cybersecurity team’s work is never done.
Whether they originate within a company’s network or outside of it, cybersecurity experts need to prevent known vulnerabilities from becoming exploited resulting in a breach as well as anticipate unknown cyber threats from compromising the company’s security, reputation, and revenue. “Holistic” is the name of the game — from top to bottom these teams need to consider everything that could go wrong, then implement an effective plan to push back against it.
However, it’s hard to take initial action when your scope only includes your internal network, which is the case with far too many cybersecurity teams. That’s why we’ve outlined the top five priorities for all companies to manage their entire digital attack surface for maximum efficacy. The timeless adage tells us that a journey of a thousand miles begins with a single step, and it’s no different in this case either.
So while some organizations have developed a mature digital attack surface management program, others are just starting on the journey, evaluating the scope of their program and identifying where to start. For those organizations, it’s important not to get overwhelmed when considering the cybersecurity health of your business. Just start here and take action.
It’s crucial nowadays to understand which digital assets belonging to your organization are exposed to the internet; in other words, what your organization looks like to customers and would-be cyber attackers. A business’s internet presence consists of known, unknown, unsanctioned, and often poorly maintained internet-facing assets. You need to catalog all of them! Shadow IT, M&A, and a lack of standard commissioning processes mean that cybersecurity teams have an incomplete view of their digital attack surface and its weaknesses.
Regardless of their efforts, they can’t protect what they don’t know about. Cyber attackers perform reconnaissance to exploit unknown, vulnerable, and unmonitored websites, as well as their applications, forms, and underlying infrastructure.
According to Verizon, 70% of all successful breaches today originate on the internet. That’s why companies should do what the bad guys are already doing: map their digital attack surface in pursuit of potential vulnerabilities.
With your digital attack surface mapped and your vulnerabilities identified, it’s time to reduce them and make yourself a smaller target for hackers. Your team must first have an accurate inventory of assets exposed to the internet, then enrich that information by tagging geographical locations, business units, and owners. This exercise will let you systematically improve your cybersecurity posture by addressing specific types of weaknesses, including:
It no longer matters if an asset lives within a network or beyond the firewall. If it belongs to your organization, it’s imperative that you maintain its compliance with internal standards and third-party regulations. Organizations are already facing fines for breaches that originate outside the firewall.
More regulations will be put in place to protect customers from cyber threat actors targeting businesses going forward. Organizations need to be able to stay within GDPR, OWASP, and internal compliance guidelines to avoid potentially devastating penalties.
Your customers fundamentally interact with your business outside your firewall. As indicated by the massive GDPR fine against British Airways, you’re responsible for their safety and online experience. This obligation includes protecting them from cyber threats that belong to you but reside outside the network, like crypto miners, malicious code injections, and Magecart.
But this responsibility also extends to assets that don’t belong to you. These rogue assets mimic your brand and target your customers. Even though your organization didn’t develop them, they’re a part of your digital attack surface anyway. These include typo-squatting on various domains and subdomains, developing fraudulent mobile apps, publishing phishing sites, and operating infringing social media accounts.
Organizations require rich internet data to be automatically accessible by their other cybersecurity tools to give them full visibility of their digital attack surface and add an “outside the firewall” context to other security functions. By enhancing existing systems and processes with this data, organizations can bring internet visibility to a range of additional cybersecurity and IT operations tools to enrich the information they deliver, accelerate response or mitigation, and improve the organization’s cyber effectiveness.
Some common applications are:
Due to cloud server migration, hosting, and other digital media initiatives, millions of assets appear on the internet every day, and they’re entirely outside the scope of firewalls and endpoint protection. A business’s digital attack surface extends from the internal network to the farthest reaches of the internet, where cyber attackers have all the visibility. Cyber security teams are now responsible for defending this enormous swath of digital real estate with the same scrutiny as their internal networks.
Fortunately, despite this drastic increase in what cybersecurity teams are now tasked with protecting, basic tenets of cybersecurity haven’t changed. With the right tools, cybersecurity teams can apply the same rules that keep their internal networks safe to their entire digital attack surface.
Don’t get overwhelmed on your way to a robust digital attack surface management plan. Just get started!
The latest episode of SwigCast is out! We tackle card skimmers and the evolution of Magecart with @RiskIQ technical director Terry Bishop
We're here at Pittsburgh Information Security Awareness Day, chatting with western Pennsylvania #infosec pros about Attack Surface Management! Read all about this great event here: https://t.co/YusL3t5fGQ
Our #CTO Adam Hunt discusses the trend of businesses expanding their online presence quicker than their infrastructure can be secured in the most recent issue of @TodaysBoardroom (p.28) https://t.co/SY7pgpUu1o
Dan Schoenbaum, President of @RiskIQ strongly believes in taking the responsibility seriously for protecting the customers from cyber-attacks.
Read more https://t.co/mKKg0cbHEi
#cyber #CybersecurityNews #cybersecurity #cybersecurite #digitalart #Digital
@RiskIQ World Leader in attack surface management, was secured a place in the list of "30 Great Places to Work 2019" by #CIO_Bulletin