Reducing the attack surface for progressing in the future of work

Ripu Bajwa
Director and General Manager, Data Protection Solutions
Dell Technologies India

Advancing cybersecurity and Zero Trust maturity starts by focusing on three core practice areas: reducing the attack surface, detecting and responding to cyber threats, and recovering from a cyberattack throughout the infrastructure, including edge, core, and cloud. To effectively reduce the attack surface—a critical component of cybersecurity,  we need to strengthen our security posture.

The attack surface refers to all potential areas in an environment that a cyber attacker can target or exploit. These points can include software vulnerabilities, misconfigurations, weak authentication mechanisms, unpatched systems, excessive user privileges, open network ports, poor physical security, and more.

This is achieved by minimizing the potential vulnerabilities and entry points that attackers can exploit to compromise a system, network, or organization across various domains, including the edge, the core, or the cloud. According to the findings of the Dell Technologies 2024 Innovation Catalyst report, 89% of organizations have been impacted by security attacks in the past 12 months. Reducing the attack surface decreases the opportunities for malicious actors to launch successful cyberattacks while at the same time creating a safe space for organizations to innovate and thrive.

Some ways we can strengthen our security posture include: 

Apply Zero Trust principles: Zero Trust is a security concept centered on the belief that organizations should not automatically trust anything inside or outside their perimeters and instead must verify everything trying to connect to their systems before granting access. Organizations can achieve a Zero Trust model by incorporating solutions like micro-segmentation, identity and access management (IAM), multi-factor authentication (MFA), and security analytics, to name a few.

Patch and update regularly: Keeping operating systems, software, and applications up to date with the latest security patches helps address known vulnerabilities and minimize the risk of exploitation.

Ensure secure configuration: Systems, networks, and devices need to be correctly configured with security best practices, such as disabling unnecessary services, using strong passwords, and enforcing access controls, to reduce the potential attack surface.

Apply the principle of least privilege: Limit user and system accounts to only have the minimum access rights necessary to perform their tasks. This approach restricts the potential impact of an attacker gaining unauthorized access.

Use network segmentation: Dividing a network into segments or zones with different security levels helps contain an attack and prevents lateral movement of a cyber threat by isolating critical assets and limiting access between different parts of the network.

Ensure application security: Implementing secure coding practices, conducting regular security testing and code reviews, and using web application firewalls (WAFs) help protect against common application-level attacks and reduce the attack surface of web applications.

Utilize AI/ML: According to the Dell Technologies 2024 Innovation Catalyst report, 58% of Indian businesses feel GenAI will provide automation to help with the efficiency and scale needed to deal with the influx of threats. We can leverage AI capabilities to help proactively identify and patch vulnerabilities, significantly shrinking the attack surface. AI/ML tools can help organizations scale security capabilities.

Work with suppliers who maintain a secure supply chain: Ensure a trusted foundation with devices and infrastructure that are designed, manufactured and delivered with security in mind. Suppliers that provide a secure supply chain, secure development lifecycle and rigorous threat modeling keep you a step head of threat actors.

Educate users and promote awareness: 92%of Indian businesses feel security operations mostly consist of patch management and security updates. This approach can be changed when we have training for employees and users to recognize and report potential security threats, phishing attempts, and social engineering tactics to help minimize the risk of successful attacks that exploit human vulnerabilities. 

As cyber threats continue to evolve, it’s important to remember cybersecurity is not a one-time task but an ongoing process. By proactively implementing these measures, organizations can effectively reduce the attack surface, helping to mitigate risks and making it more challenging for adversaries to exploit vulnerabilities, enhancing the overall defense posture against new and emerging threats. Reducing your attack surface helps you to advance your cybersecurity maturity.

Mr. Ripu Bajwa is the Director and General Manager, Data Protection Solutions at Dell Technologies India

Image by Freepik

Share on