Publish date: 24.10.22

As these reports are only available to Gartner’s clients, Xeretec & Barracuda have teamed up to share our joint perspective on the first trend on Gartner’s list: Attack Surface Expansion. Over the past several years, most organisations’ attack surfaces have expanded dramatically. This meaning the totality of vectors that attackers can exploit to penetrate networks has increased. Therefore, the likelihood of attacks being successful is greater and organisations are left with more elements to consider when attempting to secure their network.

Next Blog: #2 Digital Supply Chain

The factors driving this expansion include:

Increased use of cloud platforms and SaaS services
As organisations drive to improve their productivity and agility, they are replacing on-premise technology and migrating workloads to cloud services. This migration to self-managed software with SaaS applications and services, is causing organisation to expose themselves to cyber risks that are not under their direct control. Any vulnerability in those platforms and services can be exploited to penetrate their customers’ networks.

Rapid expansion of outward-facing apps
In order to remain competitive, it is critical for organisations to develop, deploy and update apps that promote fast and simple engagement with customers, vendors, and partners. Cybercriminals constantly monitor these outward-facing apps for vulnerabilities as they are more likely to occur in an accelerated DevOps environment.

Significant increase in remote working
The pandemic drove a sudden shift to remote working, forcing organisations to support a vast number of employees and their digital assets from remote locations, every day. This resulted in a dramatic increase in the number of connected devices, many of which are personal and unknown to IT. The majority of CISO’s admit that at least some security was sacrificed in order to support a remote working model.

Growing use of social media as customer engagement channels
As increasing numbers of employees are tasked with interacting directly with customers and prospects via publicly accessible channels such as LinkedIn, the possibility of unwittingly revealing information that can be used to create targeted phishing or other attacks also increases.

New strategic initiatives
Responding to attack surface expansion requires a shift away from the traditional approach of defining a perimeter and then protecting everything within that perimeter. Instead, it’s necessary to view the attack surface from the outside in; in other words, to see all your potential vulnerabilities from the same point of view as attackers do.

To support this approach, Gartner cites the emergence of a new set of top-level cybersecurity disciplines and capabilities:

  • Digital risk protection services (DRPS) is a blanket term for services that combine advanced analysis of real-time global threat intelligence with detailed assessment of specific risks to client organisations. This also includes recommendations for measures clients can take to mitigate specific risks.
  • External attack surface management (EASM) refers to the practice of discovering all external-facing digital assets such as web apps, APIs, and portals. The next step is to ensure continuous monitoring for potential vulnerabilities, and the ability to immediately respond in order to de-risk.
  • Cyber asset attack surface management (CAASM) is closely related to EASM, but its focus is primarily on consolidating information about internal and external cyber assets in order to give security teams actionable visibility into their entire attack surface.

If this blog covers anything you would like to discuss in more detail, Please do get in touch here.