Attack Surface Management

Attack Surface Management (ASM) is a term gaining popularity in the cybersecurity industry. It also may be a term you hear from your managed service provider when discussing your company’s risk management. ASM aims to continually track, understand, and manage all devices, applications, and cloud systems connected to the Internet to better identify a company’s entire threat surface. Third-party and supply chain technology tools are also included in ASM. Attack surface management has been a cybersecurity concept for at least ten years, but it is gaining in popularity now because of IoT devices, remote workers, and employees using personal devices to access company data.

A company’s attack surface is continually changing, and many cyber attacks originate from unknown or poorly managed IT assets. Many successful, large-scale malware attacks originate from known software or hardware vulnerabilities that were not managed correctly.

A common attack vector, and the one used in the SolarWinds attack, is the security access granted to supply chain partners or third-party vendors. These access points can often be left open or forgotten long after the businesses have stopped interacting. The hackers attacked vendors SolarWinds worked with and had access to their network.

The Colonial Pipeline attack is another example of a ransomware attack where attack surface management could have helped identify open threats to the network. Hackers used an open VPN with a leaked password to access the company’s network and threaten the gas supply to the East Coast. ASM would go through a process of identifying all open channels like the one used in the Colonial Pipeline attack and managing those connections.

ASM is a unique way of thinking about cybersecurity: it looks at threats from outside the network looking in. It’s a concept you should understand when discussing cybersecurity with a managed service provider, and it should prompt questions and conversation when discussing a comprehensive cybersecurity plan for your business.

Posted by Charles Wright