Business
As war escalates in Europe, it’s ‘shields up’ for the cybersecurity industry
In unprecedented times, even government bureaucracy moves quickly. As a result of the heightened likelihood of cyberthreat from Russian malactor groups, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) — part of the Department of Homeland Security — issued an unprecedented warning recommending that “all organizations — regardless of size — adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.”
The blanket warning is for all industries to take notice. Indeed, it’s a juxtaposition of sorts to think the cybersecurity industry is vulnerable to cyberattack, but for many nation state groups, this is their first port of call.
Inspired by the spike in attacks on cybersecurity agencies globally, a report from Reposify assessed the state of the cybersecurity industry’s external attack surface (EAS). It coincides with CISA’s warning, and highlights critical areas of concern for the sector and how they mirror trends amongst pharmaceutical and financial companies, providing vital insight into where organizations can focus their efforts, and reinforce the digital perimeter.
The first step to resiliency is to reduce the likelihood of a damaging cyber intrusion in the first place.
The report examined 35 cybersecurity companies and their 350+ subsidiaries with shocking results: during only a two-week period in January 2022, more than 200,000 exposed assets were uncovered at top firms, 42% of which were identified as high-severity issues.
As CISA outlines in its “Shields Up” guidance, the first step to resiliency is to reduce the likelihood of a damaging cyber intrusion in the first place. Recognizing the problem is only the first in a series of actionable moves organizations can make to minimize their external weaknesses to bad actors.
If addressing digital perimeter exposures is the foundation, zoning-in on problem areas is the framing. A deep dive into these deficiencies points to clear solutions all industries – cybersecurity or otherwise – can embrace to protect themselves.
What do companies need to do?
Many factors, including the transition to remote work environments, increased reliance on third-party vendors, digital transformation and offloading services onto the cloud, have significantly increased companies’ external attack surface.
According to the report, the rise of remote access sites saw 89% of identified assets classified as part of the unofficial perimeter. Similarly, 87% of databases were unaccounted for, along with 67% of development tools and 62% of all network assets.
Databases were found to be among the most vulnerable to cybersecurity threat, with over half (51%) of cybersecurity companies hosting an exposed database. Nearly all (97.14%) of security agencies have exposed assets on their Amazon Web Services (AWS), and 86% of those analyzed have at least one sensitive remote access service exposed to the internet.
-
Entertainment6 days ago
WordPress.org’s login page demands you pledge loyalty to pineapple pizza
-
Entertainment7 days ago
The 22 greatest horror films of 2024, and where to watch them
-
Entertainment7 days ago
Rules for blocking or going no contact after a breakup
-
Entertainment6 days ago
‘Mufasa: The Lion King’ review: Can Barry Jenkins break the Disney machine?
-
Entertainment5 days ago
OpenAI’s plan to make ChatGPT the ‘everything app’ has never been more clear
-
Entertainment4 days ago
‘The Last Showgirl’ review: Pamela Anderson leads a shattering ensemble as an aging burlesque entertainer
-
Entertainment5 days ago
How to watch NFL Christmas Gameday and Beyoncé halftime
-
Entertainment4 days ago
Polyamorous influencer breakups: What happens when hypervisible relationships end