How to reduce the Attack Surface

The overall attack surface is much larger than we imagine and consists of a multitude of subjects often difficult to track. For example, in public spaces such as hotels, airports, and coffee shops, hackers can target employees when they access free Wi-Fi. Another method involves targeting employees on their home networks. Or, again, they can attack directly your corporate network, that you put great effort to protect. But hackers can also target your company through other companies you do business with.

Identify vulnerabilities: You should keep in mind that the attack surface includes all access points and all terminals. But it also includes the paths that data take out of and into applications, along with any codes that protect those paths (passwords and encryptions).

Identify the types of users: Who can access each point in the system? It is not useful to focus on names and badge numbers – it is better to think about the types of users and what they might be looking for.

Conduct a risk evaluation: Which points hold the most users and have the highest level of vulnerability? These are the areas that should be fortified first. There are software programs that can unearth problems that were thought not to exist.

Protect your relationships: How is it possible to understand that you are dealing with a data violation? How does a company act in response to a threat? It may be helpful, if so, to review the company’s IT regulations.

Application Fields

The area of application is almost exclusively IT. Companies should constantly monitor their “attack surfaces” and block potential dangers as quickly as possible. Simultaneously, they should try to minimize the area exposed to hacking to reduce the risk of successful cyber-attacks.

I said “almost”, because attacks can occur as much digitally remotely as by physically accessing the company. That’s why there are cybersecurity agencies capable of testing a company’s cyber and physical security through real espionage activities and James Bond-like tools. A hybrid data-driven approach that uses automated scans and manual verification.

However, such countermeasures may be difficult to implement because they seemingly run counter to the industry’s attempt to expand the digital footprint and embrace new technologies. It should be remembered that the concept of an attack surface includes every input provided by a user, every protocol, every system interface, and all services such as network ports.

Do you have a Public Affairs & Comms challenge to tackle? Let’s face it. Together.

C-levels from these companies (AND MORE) relied on my expertise to overcome thEIR CHALLENGES IN THIS AREA. And you can, too.

Can I help you?

Public Affairs & Comms

From local to global

Business Functions

• Expanse for the U.S. Federal Agency
The U.S. federal government agency possessed information in data silos between its headquarters, its security operations center, and various field offices, making IT security policies difficult to enforce in a decentralized network on the one hand, and many Intenet-connected assets vulnerable on the other. However, the agency worked with Expanse – a North American company that helps corporate teams monitor (and discover) their Internet-connected assets – to protect numerous points of exposure before hackers could exploit them.

• Microsoft Attack Surface Reduction
Attack Surface Reduction (ASR) are rules that are part of Windows Defender Exploit Guard and that block certain processes and tasks, with the goal of limiting risky behavior and helping protect various organizations. Microsoft knows that applications such as Outlook and Office are the ones most used, and consequently also those most at risk: protecting them must be a priority.