Threat actors don’t have to compromise assets to attack an organization or its customers


Digital supply chains, M&A, and shadow IT create a hidden attack surface

Most cyberattacks originate miles away from the network; web applications comprised the vector category most commonly exploited in hacking-related breaches. Unfortunately, most organizations lack a complete view of their internet assets and how those assets connect to the global attack surface. Three significant contributors to this lack of visibility are shadow IT, mergers and acquisitions (M&A), and digital supply chains.

Shadow IT

Where IT can’t keep pace with business requirements, the business looks elsewhere for support in developing and deploying new web assets. The security team is frequently in the dark regarding these shadow IT activities and, as a result, cannot bring the created assets within the scope of their security program. Unmanaged and orphaned assets can become a liability in an organization’s attack surface over time.

This rapid proliferation of digital assets outside the firewall is now the norm. New RiskIQ customers typically find approximately 30 percent more assets than they thought they had, and RiskIQ detects 15 expired services (susceptible to subdomain takeover) and 143 open ports every minute.2

Mergers and acquisitions

Everyday operations and critical business initiatives such as M&A, strategic partnerships, and outsourcing create and expand external attack surfaces. Today, less than 10 percent of deals globally contain cybersecurity due diligence.

There are several common reasons why organizations are not getting a complete view of potential cyber risks during the due diligence process. The first is the sheer scale of the company’s digital presence they’re acquiring. It’s not uncommon for a large organization to have thousands—or even tens of thousands—of active websites and other publicly exposed assets. While IT and security teams in the to-be-acquired company will have an asset register of websites, it’s almost always only a partial view of what exists. The more decentralized an organization’s IT activities are, the more significant the gap.

Supply chains

The enterprise is increasingly dependent upon the digital alliances that form the modern supply…

Source…