Do you understand your threat surface?
The cyber security threats facing your business today are constantly changing, along with your network as new software, hardware, and user activity are introduced. All of these factors present an ideal scenario for a cyber attack. Understanding your threat surface – the set of all parts of your network where vulnerabilities and threats could lead to access by unauthorized users – is a critical step to improving your network security posture.
Networks are dynamic, constantly growing to incorporate new devices, data, applications, and users, as business needs evolve. As your network grows to keep pace with your business or organization, so does your threat surface. Servers offering web services, remote users connecting to the company network and accessing files, even devices that control the temperature and lighting in your office, all increase your threat surface, putting you at greater risk and creating new opportunities for unauthorized access.
Reduced risk = reduced threat surface
Many small and mid-size businesses assume their operations are not large enough to make them an appealing target for a cyber attack. Yet a company’s threat surface may reveal this isn’t the case. Companies without the resources for cyber security protection often have the highest risks and the largest threat surface, introducing the potential for attacks of opportunity.
These attacks are often widespread attempts at exploiting vulnerable, Internet-exposed services. We were reminded of the dangers of these types of attacks when WannaCry ransomware compromised business, organization, and government networks in 150 countries in 2017. Just last month, the BlueKeep security vulnerability in older versions of Microsoft Windows software presented the potential to stage this same scale of attack.
It’s important to understand that access to data is not the only driver. Attackers may instead be interested in:
- Preventing users from accessing systems and data (e.g Ransomware)
- Using systems on your network as infrastructure for attacks on other systems (e.g. Command and Control)
- Using your infrastructure and systems for other financial gain (e.g. Bitcoin mining)
Minimizing your security risks reduces your threat surface – but you need to first understand the areas where you are exposed to risk.
- Know your network
Securing your network starts with knowing it inside and out. Networks are the engines that drive the data access and exchange between systems and users, providing the communications between hosts, networking hardware and software, corporate applications, and users. Understanding how your network is configured and the elements that may expose it to risk are critical. Equally important is continuing to gauge the health of your networking hardware, storage solutions (e.g. database and document management systems), applications, IT policies, and devices connecting to your network.
- Know the threats to your network
Threats are constantly evolving, finding new ways to gain access to networks. At the same time, unpatched or older versions of software, as well as hardware that requires upgrades or replacement, can create vulnerabilities in your perimeter and opportunities for unauthorized access. Users also add to the risks – employees, third-party vendors, even customers are simply human and can be enticed to click links, install untrusted software, and unknowingly transmit sensitive data over insecure channels. Once unauthorized access occurs, attackers may leverage compromised accounts to exploit the trust relationship between organizations and partners. Awareness and visibility of these risks are key to preventing attacks.
- Know what to do in response to those threats
Armed with a solid understanding of your network and the potential threats, you can better identify the most effective, affordable tools and techniques to reduce your threat surface exposure. A good rule of thumb is applying proactive measures that increase visibility, improve response time, protect all access points in your network, and provide ways to quickly recover data and systems from attacks of any severity.
Understanding and identifying the risks will help you improve the health and hygiene of your network and ultimately strengthen your cyber security defence.
Threat Surface Protection
At Field Effect, our approach to helping businesses and organizations build a cyber security defence is focused on what we call ‘Threat Surface Protection.’ ‘Threat Surface Protection’ is our systematic and proactive approach to understanding your network and its behavior, identifying anomalies and active threats, and most importantly, continually working to mitigate security risks to your organization and reducing your threat surface.
Our products and solutions allow you to see your IT ecosystem like never before and gain the insights to build resilient networks. Use our Covalence solution to gain visibility across your network and endpoints to identify threats. Rely on Cyber Range to simulate your workforce’s ability to respond to those threats and test better ways to protect your systems in a safe, sophisticated replica environment. Use our Noble solution to build more advanced simulation frameworks for tests in complex IT environments.
Do you have questions about the threats facing your business or organization and the best security defence for your employees, customers, and partners or questions about getting started, cyber security best practices, or our solutions? Our Field Effect team can provide advice.
Reach out to us today at firstname.lastname@example.org.