Why does attack surface management matter? Because it is essential for mitigating cyber-risk.
Military people talk about getting “left of boom” — i.e., understanding threats and vulnerabilities that could be exploited by an adversary and then taking active measures to mitigate these risks before an attack occurs. Cyber-risk management demands the same left-of-boom discipline. It is incumbent upon security teams to identify every door and window across the IT infrastructure, know whether they are open or closed, understand which ones lead to critical business assets and recognize which ones are most likely to be exploited by cyber adversaries.
Here’s the problem: The attack surface is an organic, dynamic and poorly understood monster at many organizations. In fact, research from TechTarget’s Enterprise Strategy Group found that 62% of organizations’ attack surface increased over the past two years, driven by additional third-party connections, increasing use of IoT and operational technology, and more use of public cloud infrastructure.
Aside from growth, the attack surface is in a constant state of change as developers, IT operations and security teams, and end users fiddle…
