It’s no secret that the market for cybersecurity solutions is overflowing with options. How can IT decision makers thoroughly understand which solution is going to fit their unique needs and return value year after year? Forrester makes the case that attack surface management is a solution not only for IT security but can–and should– also be leveraged across the IT organization for data-informed decision making.
Let’s break down the case for attack surface management across the IT organization.
First, what is attack surface management (ASM)?
As defined by Forrester, “The process of continuously discovering, identifying, inventorying, and assessing the exposures of an entity’s IT asset estate.” In the simplest terms, ASM is a comprehensive view of anything that is owned by your organization and accesses the internet, posing a potential entry point into your IT systems. All those assets need to be accounted for and understood by the IT organization in order to prioritize remediation and mitigate risk. Without continuous scanning, context, and a complete picture, your security teams are forced to work from a limited snapshot of vulnerabilities.
Shadow IT, the process of teams adding assets without the IT org’s knowledge, continues to be a burden. We know that IT teams struggle to account for all of their organization’s entire digital footprint; on average, attack surface management tools discover 30% more cloud assets than security and IT teams knew existed. Yet, an organization’s digital footprint isn’t limited to cloud assets. Security teams need to have a 360-degree inventory to remediate risks and eliminate potential vulnerabilities that arise from cloud misconfigurations, complex software supply chains, the use of third-party software, inheriting internet assets from mergers and acquisitions (M&A), and the limited visibility provided by existing security vendors.
Security teams can immediately derive value from cutting down on remediation time. In securing exposures, they’re mitigating the risks and costs of a breach. Without an ASM solution, critical vulnerabilities can take, on average, as long as 205 days to remediate, according to ZDNet. Giving your security team a clear path forward with an accurate inventory can cut remediation time by months.
Second, how is ASM necessary for security, compliance, and finance teams alike?
All of the data collected and analyzed by an attack surface management platform can be used by more than just the security team. Forrester explains that internet asset data can help decision makers across the IT organization, including M&A and Compliance teams, better understand their digital environment and integrate data feeds into their existing processes for optimization.
An ASM platform can also be used to integrate with your existing security tools; common integrations are in IT service management, configuration management database, and vulnerability risk management. Integrating ASM with security analytics tools like Rapid7 and Splunk also means that you can provide more context for your SOC for potential malicious activity.
Additional examples laid out in the Forrester report include IT finance teams using internet asset data to understand existing cloud expenditures and IT operations to map dependencies from existing applications and other IT infrastructure. Integrating data pulled from ASM into a tool like Tableau will help your IT finance team account for potential redundancies or bundling opportunities to get better pricing and usage of things like cloud storage.
These cross-functional benefits are layered on top of the existing security team benefits. Your SOC threat analysts, vulnerability management engineers, compliance officers, and business counterparts can all integrate attack surface management into their existing work processes to increase efficiency and improve security.
Forrester makes three recommendations to enterprises that want to adopt an attack surface management solution.