Rahul Arora, Regional Director, India & SAARC at Skybox Security explores the need for top IT security leaders to understand the risks that are important, dangerous and real to your organization
Rather than looking at the overwhelming and ever-increasing number of threats, your focus should be on identifying those that pose a real risk to your business and knowing the right patching and preventive controls to mitigate them.
To do this you need to create visibility into your assets and eco-system or what is now called as “your attack surface.” It’s time to harness the power of analytics, modeling and simulation to improve attack surface visualization. With better visibility, security teams are better prepared to fend off attacks; with the availability of comprehensive intelligence needed to build a mature security program. A sophisticated attack surface visualization solution gives CISOs and security leaders the ability to see all security exposures at once, zoom in on problem areas and identify what’s causing the problem – all in seconds.
In order to see the attack surface, you have to understand the many layers that create it. To some, the attack surface has only been thought of in terms of vulnerabilities. But there are other factors that put an organization at risk, and they must be analyzed in connection with other attack vectors, the context of a unique network and the potential impact if they are exploited.
To holistically visualize and understand the attack surface and provide context to security risks, a solution needs to consider:
- Topology: By comprehensively mapping all systems, devices and network segments as well as the paths between them, the interdependencies of your network affect risk exposures becomes more apparent. Effective solutions need to incorporate servers, endpoints, networks (including clouds), networking devices and security devices (physical and virtual) into a visual model.
- Indicators of Exposure (IOEs): IOEs highlight a system, device or network that is exposed to a potential attack, helping you secure the organization before an attack occurs. IOEs include software vulnerabilities, misconfigurations and missing security controls, overly permissive rules and violations of security policies and compliance rules.
By “mapping” IOEs to an organization’s topology, security teams can quickly and intuitively extract actionable conclusions from the data. Only Skybox Horizon, an attack surface visualization tool that integrates with the Skybox Security Suite, is capable of combining an organization’s entire topology with all their IOEs in an interactive, visual model.