During my cybersecurity career I have journeyed to many companies across a broad range of industries. With the recent proliferation of attacks, I am reminded of a meeting a few years back with a CISO from a global financial company. During this meeting I was asked to describe what their organization’s biggest risk is? At first I felt that this was a loaded question, but as the conversation evolved it mapped out a blue print of how I would think about cybersecurity!
Risk is a broad ranging topic, but at the end of the day the risk is in the attack surface that is presented to the threat actor. Reflecting back on the discussion that I had with the CISO, he was focused on the ingress/egress points to his infrastructure. The CISO was concerned about the vulnerabilities in their development cycles for home grown applications. He was concerned about the consistency of the security policy for the company as a whole and the granularity of a policy to afford the business units the flexibility to operate in a dynamic and secure way. In addition, the need for visibility and identity across the ecosystem were critical areas of emphasis throughout our discussion. The key themes throughout the discussion was a need to be nimble and tailor an approach that would enable the business, but more importantly secure the business.
Years have passed since that discussion, and the pandemic has accelerated the digital transformation. The attack surface is as broad as ever and the sophistication of attacks are being highlighted daily by Solar Winds and Ransomware to name a few. As we assess the risk and objectively try to decipher what our true attack surface is, we are constantly thinking of the following when we engage with our clients!
Visibility into the assets
The identity and purpose; the importance of understanding the who, what, where, when, and why
A policy that is extensible and can be tailored to support a wide range of business needs
Visibility into events and the importance of actionable insights to mitigate risk early in the cyber-kill chain curve
The importance of health checks on the security systems and the policies that are governing access and thwarting attacks
The attack surface is proving to be very risky, however knowing what that attack surface is will be a true guide to implementing a Zero Trust program that fits your unique business requirements.